From mboxrd@z Thu Jan  1 00:00:00 1970
From: Payal Rathod <payal-iptables@staticky.com>
Subject: a small quick and dirty solution
Date: Tue, 12 Aug 2003 07:57:52 +0000
Sender: netfilter-admin@lists.netfilter.org
Message-ID: <20030812075752.GA16407@staticky.com>
Mime-Version: 1.0
Return-path: <netfilter-admin@lists.netfilter.org>
Content-Disposition: inline
Errors-To: netfilter-admin@lists.netfilter.org
List-Help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-Post: <mailto:netfilter@lists.netfilter.org>
List-Subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>,
	<mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-Id: <netfilter.vger.kernel.org>
List-Unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>,
	<mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
List-Archive: <https://lists.netfilter.org/pipermail/netfilter/>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: Netfilter ML <netfilter@lists.netfilter.org>

Hi,
I am on a linux box (mdk 9.1) which is connected to net. I want to allow
internal windows machine 192.68.10.x to browse the net and anything
(NAT). But
nobody should be allowed to access any port from outside the LAN. Except
for ftp services on port 21.
I have a problem understanding the default DROP policy and then opening
required ports. Can someone give an example on this please?

Thanks a lot in advance and bye.
With warm regards,
-Payal


-- 
For GNU/Linux Success Stories and Articles visit:
          http://payal.staticky.com