[NCLUG] blocking internet access to local machine
John L. Bass
jbass at dmsd.com
Mon Dec 2 11:22:07 MST 2002
Actually that trashes the lan traffic too. To do it with firewall
rules would require explicitly accepting the local subnet on eth0,
and having a default DENY/REJECT for all other ip's.
simply removing the default route/gateway is easier in most cases,
since the machine can not reply to any host outside the local subnet.
In redhat that generally means editing /etc/sysconfig/network
or /etc/sysconfig/network-scripts/ifcfg-eth0 and removing the
GATEWAY line, or using the GUI tool to do so.
John
From: "Jesse Courchaine" <JCourcha at Colostate.Edu>
Actually that won't work with eth0, you would have to do
/sbin/iptables -i eth0 -A INPUT -j REJECT
/sbin/iptables -i eth0 -A OUTPUT -j REJECT
-Jesse
-----Original Message-----
From: nclug-admin at nclug.org [mailto:nclug-admin at nclug.org] On Behalf Of
Jesse Courchaine
Sent: Monday, December 02, 2002 11:13 AM
To: nclug at nclug.org
Subject: RE: [NCLUG] blocking internet access to local machine
/sbin/iptables -i eth0 -P OUTPUT REJECT
/sbin/iptables -i eth0 -P INPUT REJECT
That might work.
-Jesse
-----Original Message-----
From: nclug-admin at nclug.org [mailto:nclug-admin at nclug.org] On Behalf Of
dherr at frii.com
Sent: Monday, December 02, 2002 10:22 AM
To: nclug at nclug.org
Cc: dherr at frii.com
Subject: [NCLUG] blocking internet access to local machine
Is there a way to turn off internet access in Linux, but allow LAN
access?
I thought maybe my Panasonic KX-HGW200 gateway would have this
capability,
but it doesn't look like it.
I want to have a web terminal that is able to access the local web
server,
but nothing outside the LAN.
Daniel
_______________________________________________
NCLUG mailing list NCLUG at nclug.org
To unsubscribe, subscribe, or modify your settings, go to:
http://www.nclug.org/mailman/listinfo/nclug
_______________________________________________
NCLUG mailing list NCLUG at nclug.org
To unsubscribe, subscribe, or modify your settings, go to:
http://www.nclug.org/mailman/listinfo/nclug
_______________________________________________
NCLUG mailing list NCLUG at nclug.org
To unsubscribe, subscribe, or modify your settings, go to:
http://www.nclug.org/mailman/listinfo/nclug
More information about the NCLUG
mailing list