Hi Anurag!
I might be mistaken. If you drop all rules on the outer firewall, this
machine probably already should answer ident requests (assuming all standard
rules are set to accept). In that case adding an extra accept rule makes no
sense. But maybe your SuSE box is more restrictive? If this is true, you
probably shouldn't be able to do anything after dropping all the rules though.
Anyhow, in the case I mentioned earlier, I have the input and forward chains
set to deny, so in that case I need the following rule to allow ident requests
and be able to read newsgroups:
ipchains -A input -i ippp0 -p tcp -y -s 0.0.0.0/0 113 -l -j ACCEPT
The ident requests are answered by the outer firewall in your case. You could
add a source address if you only want to answer idents from the ISP where you
upload to.
I could send you the full firewall rules I use for this ISDN router, but I am
not sure that is of any interest to you. Maybe it gives you some new insights
though.
Well, CU,
Leonard.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
