/etc/firehol/firehol.conf:
version 5
# Accept all client traffic on any interface
# interface any world
# client all accept
DEFAULT_CLIENT_PORTS="1024:65535"
server_icq_ports="tcp/5190"
client_icq_ports="default"
interface ppp0 internet src not "${UNROUTABLE_IPS}"
policy drop
protection strong 10/sec 10
server ident reject with tcp-reset
server ssh accept
server p2p accept
client dhcp accept
client dns accept
client http accept
client https accept
client ftp accept
client ntp accept
client ssh accept
client icq accept
client jabber accept
UNMATCHED_INPUT_POLICY="DROP"
UNMATCHED_OUTPUT_POLICY="DROP"
FIREHOL_LOG_LEVEL=4
napis ako root# iptables -nL
este sa mi tam akosi nepaci tento riadok:
UNMATCHED_OUTPUT_POLICY="DROP"
ale nebudem do toho rypat, lebo sa do fireholu nerozumiem. len som zbezne pozrel, kde by mohol byt asi problem
#!/bin/sh
IPTABLES="/sbin/iptables"
$IPTABLES -F
$IPTABLES -X
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -t nat -P PREROUTING ACCEPT
$IPTABLES -t nat -P OUTPUT ACCEPT
$IPTABLES -t nat -P POSTROUTING ACCEPT
$IPTABLES -t nat -F PREROUTING
$IPTABLES -t nat -F OUTPUT
$IPTABLES -t nat -F POSTROUTING
$IPTABLES -t mangle -P PREROUTING ACCEPT
$IPTABLES -t mangle -P OUTPUT ACCEPT
$IPTABLES -t mangle -F PREROUTING
$IPTABLES -t mangle -F OUTPUT
echo "1" > /proc/sys/net/ipv4/ip_forward
Tak vela stastia