IPCHAINS just is not working!
I've been trying to get a firewall set up on my home computer. This is
important, as I'm using a DSL connection. I've read most of both the
ipchains and firewall HOW-TO's, and the ipchains program makes sense to
me. However, none of the rules that I add seem to be enforced by my
machine. I checked /proc/net to see if support for firewalls was compiled
into the kernel, and ip_fwchains was indeed listed. I'm able to execute
ipchains commands without receiving any error messages, but my workstation
just doesn't comply with them.

For example, in the IPCHAINS-HOWTO, the author tells us how we can block
any machine from pinging us, and tells us specifically how to do it. To
test it, I did exactly as he described:

[root@va /root]# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) from 127.0.0.1 : 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=255 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=255 time=0.1 ms
--- 127.0.0.1 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.1 ms
[root@va /root]# ipchains -A input -s 127.0.0.1 -icmp -j DENY
[root@va /root]# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) from 127.0.0.1 : 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=255 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=255 time=0.1 ms
--- 127.0.0.1 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.1 ms
--
However, contrary to what he described, my ping went through. His was
never received. What am I doing wrong here?
--Chris