[KLUG Members] IPChains problem

members@kalamazoolinux.org members@kalamazoolinux.org
Wed, 12 Jun 2002 11:56:30 -0400


>>>> #accept HTTP
>>>> -A input -s $myip -d 0/0 80 -p tcp -b -j ACCEPT
>>Rusty Yonkers proposed:
>>>Try 
>>>-A input -s 0/0 1024: -d $myip 1024: -p tcp -b -j ACCEPT
>>Shouldn't this be:
>>-A input -s 0/0 1024: -d $myip 80 -p tcp -b -j ACCEPT
>
>I agree, your correction is correct.
OK. 
>Remember to pay attention to order of rules.
I am. Also, a good time to post the currently re-[re-]fined set 
of rules....

-F input
-P input DENY
# Allow anything on loopback
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT

#Firewall rule for web server
-A input -s 0/0 1024: -d $myip 80 -p tcp -b -j ACCEPT

#Rules for ftp server
-A input -s 0/0 1024: -d $myip 21 -p tcp -j ACCEPT
-A input -s $myip 20 -d 0/0 1024: -p tcp -j ACCEPT

#Rules that apply as an ftp client
-A input -s $myip 1024: -d 0/0 21 -p tcp -j ACCEPT
-A input -s 0/0 20 -d $myip 1024: -p tcp -j ACCEPT

#Rule if the local host is a DNS (usually UDP)
-A input -s 0/0 1024: -d $dns1 53 -p udp -b -j ACCEPT

#Rule if the local host is a DNS (sometimes DNS is tcp)
-A input -s 0/0 1024: -d $dns1 53 -p tcp -b -j ACCEPT

# Deny and log everything else.
-A input -l -j DENY

						Regards,
						---> RGB <---
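As an added example (not code from the post or the list), a small Python model of the ipchains `input` chain: it refuses a rule line that repeats an option (the double `-s` in the DNS lines as first posted), expands `-b` into both directions the way ipchains does, and walks the chain first-match so the effect of rule order and of the `1024:` source-port qualifier can be checked against a constructed packet. The `$myip`/`$dns1` values and the packets are constructed; the chain is a subset of the post's `-A` lines with the DNS rule's second `-s` read as `-d`.

```python
import ipaddress
from collections import Counter

# Constructed sample values for the shell variables used in the post (RFC 5737 addresses).
VARS = {"myip": "192.0.2.10", "dns1": "192.0.2.53"}

def repeated_options(line):              # e.g. ['-s'] for a line written with two -s
    return [o for o, n in Counter(t for t in line.split() if t.startswith("-")).items() if n > 1]
def parse_rule(line):
    """Parse one `-A input ...` line into a dict; refuse a line with a repeated option."""
    if repeated_options(line):
        raise ValueError(f"repeated option {repeated_options(line)} in {line!r}")
    toks = [VARS.get(t[1:], t) if t.startswith("$") else t for t in line.split()]
    rule = {"src": ("0.0.0.0/0", None), "dst": ("0.0.0.0/0", None), "proto": None,
            "iface": None, "bidir": False, "log": False, "target": None}
    i = 2                                # skip the leading "-A input"
    while i < len(toks):
        t = toks[i]; i += 1
        if t in ("-s", "-d"):            # address, optionally followed by a port or lo:hi range
            addr = "0.0.0.0/0" if toks[i] == "0/0" else toks[i]; i += 1
            port = None
            if i < len(toks) and not toks[i].startswith("-"):
                lo, sep, hi = toks[i].partition(":"); i += 1
                port = (int(lo), int(hi) if hi else 65535 if sep else int(lo))
            rule["src" if t == "-s" else "dst"] = (addr, port)
        elif t in ("-p", "-i", "-j"):
            rule[{"-p": "proto", "-i": "iface", "-j": "target"}[t]] = toks[i]; i += 1
        elif t in ("-b", "-l"):
            rule["bidir" if t == "-b" else "log"] = True
        else:
            raise ValueError(f"unknown option {t!r}")
    return rule
def _end_ok(spec, addr, port):           # does a (net, port-range) spec cover this endpoint?
    return (ipaddress.ip_address(addr) in ipaddress.ip_network(spec[0], strict=False)
            and (spec[1] is None or spec[1][0] <= port <= spec[1][1]))
def rule_matches(rule, p, reverse=False):
    src, dst = (rule["dst"], rule["src"]) if reverse else (rule["src"], rule["dst"])
    return (rule["proto"] in (None, p["proto"]) and rule["iface"] in (None, p["iface"])
            and _end_ok(src, p["src"], p["sport"]) and _end_ok(dst, p["dst"], p["dport"]))
def verdict(chain, p, policy="DENY"):
    """First match wins; a -b rule is also tried with src/dst swapped, as ipchains does."""
    for n, r in enumerate(chain, 1):
        if rule_matches(r, p) or (r["bidir"] and rule_matches(r, p, reverse=True)):
            return r["target"], n
    return policy, None

CHAIN = [parse_rule(l) for l in """-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -s 0/0 1024: -d $myip 80 -p tcp -b -j ACCEPT
-A input -s 0/0 1024: -d $dns1 53 -p udp -b -j ACCEPT
-A input -l -j DENY""".splitlines()]      # the post's -A lines; -P sets verdict()'s policy
```

`verdict()` returns the target and the 1-based index of the rule that fired, so a packet that lands on the final `-l -j DENY` rule is exactly one that would show up in the log.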