set your default policies to DENY (instead of ACCEPT) and try again ..everything will be blocked except what you specifically state should be allowed in (dont try this from remote! you may lose access to the machine)
(use ipfwadm -p DENY) nate ----------------------------------------[mailto:[EMAIL PROTECTED] ]-- Vice President Network Operations http://www.firetrail.com/ Firetrail Internet Services Limited http://www.aphroland.org/ Everett, WA 425-348-7336 http://www.linuxpowered.net/ Powered By: http://comedy.aphroland.org/ Debian 2.1 Linux 2.0.36 SMP http://yahoo.aphroland.org/ -----------------------------------------[mailto:[EMAIL PROTECTED] ]-- On Fri, 29 Oct 1999, Pere Camps wrote: > Hi! > > I'm trying to set up my home box (connected via PPP to the > internet to do the following): > > a) Deny everything incoming (tcp,udp,icmp) > b) Accept only DNS udp connections > c) Accept incoming tcp data for only the connections that I have > initiated. > > So far I've got this working: > > a) no problem > b) I accept udp connections from the domain port to the 1024:65535 > c) I accept tcp connections from any port that's below 1024 > > Problems: > c) They can still telnet me if doin'g it as root. The same for b). > > Does anybody know the right ipfwadm rule for what I want and even > if this setup is possible? > > TIA! > > -- p. > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >
