[no subject]

# Syslog
ipchains -A input -i eth+ -s ! 10.0.0.0/24 -d 10.0.0.0/24 syslog 
-p udp -j DENY -l

ipchains -A output -i eth+ -s  10.0.0.0/24 syslog -d ! 10.0.0.0/24
-p udp -j DENY -l

(Notice that the '!' is not butted up next to the ip, I found out that if
I did, bash would do a history substitution, such as vi some.txt). 


Michael Ghens
(Yes, I do have a life, Honest!!)

On Sat, 6 Mar 1999, John D. Hardin wrote:

> Date: Sat, 6 Mar 1999 10:08:57 -0800 (PST)
> From: John D. Hardin <jhardin wolfenet com>
> Reply-To: redhat-list redhat com
> To: redhat-list redhat com
> Subject: Re: Firewall vs shutting down inetd.conf
> Resent-Date: 6 Mar 1999 18:15:08 -0000
> Resent-From: redhat-list redhat com
> Resent-cc: recipient list not shown: ;
> 
> On Sat, 6 Mar 1999, rcarson home wrote:
> 
> > This is probably stupid but It's my understanding that /etc/inetd.conf
> > allows/dis-allows services to the outside world. If I turn off all of these
> > services, then why would I still need a firewall (complex or simplistic).
> 
> Think "defense in depth". Having a layered security system reduces the
> possible impact in a configuration error of any one layer.
> 
> --
>  John Hardin KA7OHZ                               jhardin wolfenet com
>  pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
>  PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
> -----------------------------------------------------------------------
>   If you spend any time administering Windows NT, you're far too
>   familiar with the Blue Screen of Death (BSOD) ...
>                             - "MSDN Flash" email newsletter, 2/8/1999
> -----------------------------------------------------------------------
>    75 days until Star Wars episode I
> 
> 
> -- 
>   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> 		http://www.redhat.com http://archive.redhat.com
>          To unsubscribe: mail redhat-list-request redhat com with 
>                        "unsubscribe" as the Subject.
>