Solved

iptables for dialup server

Posted on 2004-05-02
2
226 Views
Last Modified: 2010-05-18
HI.
Ok. I have RH9 running as my DNS server. I want to have a dialup connection over ppp0 for internet mostly.
I can already establish the connection and when turning iptables off on the server.
What rules/ports do I need to add/open for this to work.
I would like to treat my ppp0 users as not totally safe-not outside but not inside either. Is there a way to do this??
thanks.
0
Comment
Question by:kephillips
2 Comments
 
LVL 9

Accepted Solution

by:
Alf666 earned 500 total points
ID: 10973860
Just build your rules based on interfaces, and not ip addresses.
There's a special feature in netfilter (iptables) that allow you to use a '+' sign as a wildcard.

So, in your case, you would build rules for a pseudo interface named "ppp+". This will match all pppn interfaces as they appear.

0
 

Author Comment

by:kephillips
ID: 10999703
OK. here's the basics:
$INSIDE=eth0
$OUTSIDE=eth1
I would basically like to use this one line to abilitate my ppp+ the same way as I have for eth0.
How can I do this. I made a line just like this for ppp+ but when I run it, it cuts off my internal network. How can I run them at the same time. (eth0 and ppp+ as trusted)
iptables -A INPUT -i $INSIDE -d 192.168.0.1 -j ACCEPT

Thanks.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Redhat Linux 6.6 and LDAP 18 106
Traceroute command on mac printing * * *** 10 74
Install dhcp server on Ubuntu server 4 65
Cron jobs 12 88
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now