Transparent Firewalling
Howard Lowndes
lannet at lannet.com.au
Sun Jan 13 18:30:33 EST 2002
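Simply, without any firewalling, etc. on a double homed box, eth0 and eth1:
# enable routing between the two interfaces
echo 1 >/proc/sys/net/ipv4/ip_forward
# default policy on every chain is DROP
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# one rule per direction; each counts and passes the traffic it matches
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT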
To read the traffic:
iptables -L FORWARD -vnx
will give you the bytes and packets in each direction.
On Sun, 13 Jan 2002, Nathan Le Nevez wrote:
> Gurus,
>
> Does anyone out there have an in-depth knowledge of Proxy ARP? I have a
> Class C network with a gateway box (that we can't touch) and we want to
> implement some sort of IP Accounting. My idea was to stick a Linux box in
> between the gateway and the rest of the network and do some IPTables rules
> but as yet have had no luck. I need to be able to set this up without
> changing the configuration of any other machines.
>
> Any help/ideas would be greatly appreciated.
>
> Cheers,
>
> Nathan
>
>
--
Howard.
LANNet Computing Associates - Your Linux people
Contact detail at http://www.lannetlinux.com
"We are either doing something, or we are not.
'Talking about' is a subset of 'not'."
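
Added example (not part of the original post): a shell function that turns the `iptables -L FORWARD -vnx` listing mentioned above into per-direction packet and byte totals. It also handles rules that have no target, whose blank target column shifts the fields; the sample listing and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample listing (not captured from a real host). The first rule
# has a target, the second has none, so its target column is blank.
sample_output() {
cat <<'EOF'
Chain FORWARD (policy DROP 12 packets, 720 bytes)
    pkts      bytes target     prot opt in     out     source               destination
    1500   980000 ACCEPT     all  --  eth0   eth1    0.0.0.0/0            0.0.0.0/0
     900    64000            all  --  eth1   eth0    0.0.0.0/0            0.0.0.0/0
EOF
}

# Reads a listing on stdin and prints "in->out packets bytes" per direction.
forward_counters() {
    awk '
        # Rule lines start with two integers: packets and bytes.
        # The "Chain" line and the column header do not, so they are skipped.
        $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ {
            # A blank target column shifts every later field left by one,
            # so locate the "opt" column ("--") to find in/out reliably.
            if ($5 == "--")      { i = 6 }
            else if ($4 == "--") { i = 5 }
            else                 { next }   # layout not recognised, skip
            key = $i "->" $(i + 1)
            pkts[key]  += $1
            bytes[key] += $2
        }
        END {
            for (k in pkts) printf "%s %.0f %.0f\n", k, pkts[k], bytes[k]
        }
    ' | sort
}

# Prints the number of packets that matched no terminating rule and were
# dropped by the chain policy. A rising value means traffic is not passing.
policy_drops() {
    awk '$1 == "Chain" && $4 == "DROP" { print $5 }'
}

# On the accounting box:  iptables -L FORWARD -vnx | forward_counters
sample_output | forward_counters
```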