Question on iptables and forwarding inward
Jeff Kinz
jkinz at kinz.org
Sat Sep 10 12:22:00 EDT 2005
On Sat, Sep 10, 2005 at 12:09:31PM -0400, Star wrote:
> Hi All,
>
> I've got a server sitting inside my firewall (netfilter/iptables) and I need
> to make it completely accessible to clients coming from specific subnets.
> I've used iptables for NATing and other uses from the inside out, but not
> for coming outside in, and since it's a Windows box, I'd like to limit it so
> that only a couple of known networks can get access to it. Port
> forwarding is ~doable~ but with all the services, I'm hoping to avoid a
> chain that long.
>
OK, win server sitting inside (behind) an iptables firewall

Allow some external (outside) network address ranges (subnets)
to have "some" access to the win server?

You use net masks on the INPUT chain to specify "ACCEPT" on
the net address ranges you want to let in, and you can even specify port
ranges (which map to services) to further refine the access.

My assumption here is that all other traffic is to be either rejected
or sent to some other system on the internal LAN?
--
speech recognition software was used in the composition of this e-mail
Jeff Kinz, Emergent Research, Hudson, MA.
No more!
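
The sketch below is an added example, not part of the original message or of anything either poster wrote. It shows one way to express source-subnet matching for a host behind the firewall without a per-service port-forward chain: one DNAT rule and one FORWARD rule per trusted subnet, covering all ports and protocols. The interface name, addresses, subnets and the function names `valid_cidr` and `emit_rules` are assumptions, and the script only prints the commands so they can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example (not from the thread): print iptables commands that expose one
# internal host, on every port and protocol, to listed source subnets only.

valid_cidr() {   # true for a.b.c.d/n with octets 0-255 and n in 1..32
    addr=${1%/*}; bits=${1#*/}
    case "$1" in */*) ;; *) return 1 ;; esac
    case "$bits" in ''|*[!0-9]*) return 1 ;; esac
    case "$addr" in ''|*[!0-9.]*) return 1 ;; esac
    # /0 is refused: it would match every source and defeat the restriction
    [ "$bits" -ge 1 ] && [ "$bits" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
}

emit_rules() {   # usage: emit_rules WAN_IF PUBLIC_IP SERVER_IP SUBNET...
    wan=$1; pub=$2; server=$3; shift 3
    # Validate everything first so a typo never yields a half-written ruleset
    for net in "$@"; do
        valid_cidr "$net" || { echo "bad subnet: $net" >&2; return 1; }
    done
    for net in "$@"; do
        # Rewrite the destination only for packets from a trusted subnet
        echo "iptables -t nat -A PREROUTING -i $wan -s $net -d $pub -j DNAT --to-destination $server"
        # Routed packets are filtered in FORWARD, so the same source match goes here
        echo "iptables -A FORWARD -i $wan -s $net -d $server -j ACCEPT"
    done
    # Anything else arriving from outside for the server is dropped
    echo "iptables -A FORWARD -i $wan -d $server -j DROP"
}

# Constructed sample values: documentation address ranges, assumed interface name
emit_rules eth0 192.0.2.1 192.168.1.10 203.0.113.0/24 198.51.100.0/25
```

Because the DNAT rules match every protocol, hosts in the listed subnets can no longer reach services running on the firewall's own public address. The sketch also assumes the existing inside-out rules already let the server's replies leave through the firewall.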