From: Jan Humme <jan.humme@xs4all.nl>
To: Antony Stone <Antony@Soft-Solutions.co.uk>
Cc: netfilter@lists.samba.org
Subject: Re: I need help , please
Date: Thu, 4 Jul 2002 20:48:31 +0200 [thread overview]
Message-ID: <02070420483100.06327@Lms> (raw)
In-Reply-To: <20020704182042.XIE16050.mta01-svc.ntlworld.com@there>
On Thursday 04 July 2002 20:20, Antony Stone wrote:
> On Thursday 04 July 2002 1:00 pm, david wrote:
> > I amtrying to set a dns and proxy server
>
> I assume this means you want to run DNS and an http proxy such as squid on
> the machine running the Firewall. If this is not correct, post again and
> tell us what iptables rules you are trying to set up (which is what I was
> trying to ask).
>
> Anyway, if that is the correct assumption, how about a set of rules such as
> this ?
>
> # Standard default policies
> iptables -P INPUT DROP
> iptables -P FORWARD DROP
> iptables -P OUTPUT DROP
> # Allow in DNS requests
> iptables -A INPUT -p tcp --dport 53 -j ACCEPT
> iptables -A INPUT -p udp --dport 53 -j ACCEPT
> # Allow out DNS requests
> iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
> iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
> # Redirect http requests to local proxy
> iptables -A PREROUTING -t nat -p tcp --dport 80 -j DNAT 127.0.0.1:80
Anthony, just for my understanding: is this any different from:
iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT ?
Jan Humme.
next prev parent reply other threads:[~2002-07-04 18:48 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <001e01c22321$e86018a0$2400a8c0@inq7.net>
2002-07-04 8:38 ` I need help , please david
2002-07-04 14:53 ` Antony Stone
2002-07-04 12:00 ` david
2002-07-04 18:20 ` Antony Stone
2002-07-04 18:48 ` Jan Humme [this message]
2002-07-04 18:51 ` Antony Stone
2002-07-04 18:59 ` Jan Humme
2002-07-04 19:01 ` Antony Stone
2002-07-04 19:31 ` Jan Humme
2002-07-05 8:01 Fw: " david
2002-07-05 14:23 ` Ed Street
2002-07-05 9:25 ` david
2002-07-05 16:00 ` Antony Stone
2002-07-05 10:18 ` david
2002-07-05 16:35 ` Antony Stone
2002-07-05 10:37 ` david
2002-07-05 16:45 ` Joe Patterson
2002-07-05 12:50 ` david
2002-07-05 19:03 ` Antony Stone
2002-07-05 16:54 ` Antony Stone
2002-07-05 12:56 ` david
2002-07-05 19:14 ` Antony Stone
2002-07-05 13:54 ` david
2002-07-05 20:11 ` Antony Stone
2002-07-05 14:44 ` david
2002-07-05 20:58 ` Antony Stone
2002-07-05 22:18 ` Antony Stone
2002-07-05 22:55 ` Wayne Topa
2002-07-05 16:49 ` Antony Stone
2002-07-05 17:02 ` Ed Street
2002-07-05 20:15 ` Wayne Topa
2002-07-05 18:37 ` Adam D. Barratt
-- strict thread matches above, loose matches on Subject: below --
2002-07-04 23:49 George Vieira
[not found] <001001c2230d$a8974c70$e9fea8c0@aurelius>
[not found] ` <009c01c22338$0afb0940$8703000a@aid.inf.cu>
[not found] ` <006601c2238d$7820c690$e9fea8c0@aurelius>
[not found] ` <018301c22360$b99a87a0$8703000a@aid.inf.cu>
[not found] ` <007401c22396$d3ee46b0$e9fea8c0@aurelius>
2002-07-04 15:04 ` david
2002-07-03 6:47 david
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=02070420483100.06327@Lms \
--to=jan.humme@xs4all.nl \
--cc=Antony@Soft-Solutions.co.uk \
--cc=netfilter@lists.samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox