On Fri, 2003-04-18 at 12:31, Paul Aitken wrote:
> Hey,
>
> I was a little tired when I typed that. Let me rephrase it a little.
> This is what I want to happen:
> I want my computer (192.168.1.2) to have internet using the router. I don't
> want any other computers on the internal network to have internet, except
> for the linux router.
>
> I am wanting to block all connections, outgoing and incoming.
This is off the top of my head, but I think this will work:
# flush any existing rules
iptables -F
iptables -t nat -F
# masquerade anything outbound
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# allow only traffic for 192.168.1.2 in and out, log and drop all else
iptables -A FORWARD -d 192.168.1.2 -j ACCEPT
iptables -A FORWARD -s 192.168.1.2 -j ACCEPT
iptables -A FORWARD -j LOG --log-prefix "DROP FORWARD: "
iptables -A FORWARD -j DROP
# enable routing
echo 1 > /proc/sys/net/ipv4/ip_forward
of course, the firewall itself will be able to get out unless you put an
appropriate DROP rule in the OUTPUT table.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
#!/usr/bin/perl -w
$_='while(read+STDIN,$_,2048){$a=29;$b=73;$c=142;$t=255;@t=map
{$_%16or$t^=$c^=($m=(11,10,116,100,11,122,20,100)[$_/16%8])&110;
$t^=(72,@z=(64,72,$a^=12*($_%16-2?0:$m&17)),$b^=$_%64?12:0,@z)
[$_%8]}(16..271);if((@a=unx"C*",$_)[20]&48){$h=5;$_=unxb24,join
"",@b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/...$/1$&/;$d=
unxV,xb25,$_;$e=256|(ord$b[4])<<9|ord$b[3];$d=$d>>8^($f=$t&($d
>>12^$d>>4^$d^$d/8))<<17,$e=$e>>8^($t&($g=($q=$e>>14&7^$e)^$q*
8^$q<<6))<<9,$_=$t[$_]^(($h>>=8)+=$f+(~$g&$t))for@a[128..$#a]}
print+x"C*",@a}';s/x/pack+/g;eval
usage: qrpff 153 2 8 105 225 < /mnt/dvd/VOB_FILENAME \
| extract_mpeg2 | mpeg2dec -
http://www.cs.cmu.edu/~dst/DeCSS/Gallery/
http://www.eff.org/ http://www.anti-dmca.org/
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:11:12 EDT