[WLUG] Need IPTABLES help please
Jay Nugent
jjn at nuge.com
Thu Jan 2 21:12:50 EST 2020
Greetings,
I really suck at IPTABLES, so I've been reluctant to delve into this
problem and thought that direction from a knowledgeable advisor would be
better than just getting frustrated and putting it off for another month,
or two, or a year. There is no IPTABLES firewall currently configured
per 'iptables -L'.
Here is what I have:
o A Raspberry-Pi sitting on my LAN (192.168.1.46)
o An instance on JNOS packet Radio software that runs its own IP
stack and talks to the Linux IP stack through a Tunnel (TUN0) with
192.168.1.45 on the Linux end and 192.168.1.44 on the JNOS end.
NOTE: 192.168.1.44 is Proxy ARPed onto the ETH0 interface
Routing all works fine, as packets addressed to 192.168.1.44 on the LAN
are received by the Linux IP stack and are routed up the Tunnel to JNOS,
and vice versa.
Here is what I need IPTABLES to do:
o Block all TELNET(23), FTP(20,21), and SMTP(25) inbound connections
from the ETH0 interface on the LAN that are destined up the Tunnel
to JNOS (192.168.1.44).
o It would be nice to *not* block these services from the
Raspberry-Pi itself, for Telnet especially.
Can anyone assist with the rules I'll need to enter?
Thanks!
--- Jay Nugent WB8TKL
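
One way to express the filtering asked for above, as an added example that is not part of the original post. It assumes the interfaces are named eth0 and tun0 in lowercase and that a TCP reset is an acceptable way to refuse the connection; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post).
# Packets from LAN hosts to JNOS arrive on the LAN interface and are routed
# out the tunnel, so they traverse the FORWARD chain. Connections opened on
# the Raspberry Pi itself are locally generated, traverse OUTPUT instead,
# and are therefore not matched by this rule.

LAN_IF="${LAN_IF:-eth0}"                    # assumed Linux name for ETH0
TUN_IF="${TUN_IF:-tun0}"                    # assumed Linux name for TUN0
JNOS_IP="${JNOS_IP:-192.168.1.44}"          # JNOS end of the tunnel
BLOCKED_PORTS="${BLOCKED_PORTS:-20,21,23,25}"   # FTP, TELNET, SMTP

# Build the rule specification once so check and append use identical text.
jnos_rule_spec() {
    printf '%s\n' "FORWARD -i $LAN_IF -o $TUN_IF -d $JNOS_IP -p tcp -m multiport --dports $BLOCKED_PORTS -j REJECT --reject-with tcp-reset"
}

# Append the rule only if it is not already present (safe to re-run).
# Needs root. $spec is deliberately unquoted so it splits into arguments.
apply_jnos_rule() {
    spec=$(jnos_rule_spec)
    iptables -C $spec 2>/dev/null || iptables -A $spec
}

case "${1:-}" in
    apply) apply_jnos_rule ;;
    *)     echo "iptables -A $(jnos_rule_spec)" ;;   # dry run: show the command
esac
```

Run without arguments to see the command, or with `apply` as root to install it. The rule does not survive a reboot unless it is saved by whatever mechanism the distribution provides.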