filter packet

view story

http://www.unix.com – Exercise: Protection of WEB and DNS servers using the context-free rules for packet filtering: - Protect your WEB-server, so that would be for him can be accessed by browsers, and could go to dns. - Protect your primary DNS-server so that it could be to contact clients and secondary servers. - Allow ICMP ping to / from your site (s). - the rest is declined. My solution that: Code: #service iptables start #iptables -P INPUT DROP #iptables -P OUTPUT DROP #iptables -P FORWARD DROP #iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT #iptables -A OUTPUT -p icmp --icm (HowTos)