Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Router:Linux - Debian: Difference between revisions

m
Add missing --state to iptables commands
m (Correct pppd -> ppp)
m (Add missing --state to iptables commands)
iptables -A INPUT -p icmp -m comment --comment "Accept all ICMP" -j ACCEPT
iptables -A INPUT -i eth1 -m comment --comment "Accept all from the LAN" -j ACCEPT
iptables -A INPUT -i pppoe-aaisp -m state --state RELATED,ESTABLISHED -m comment --comment "Allow return traffic" -j ACCEPT
iptables -A INPUT -m comment --comment "Reject all remaining traffic" -j REJECT
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -o pppoe-aaisp -m comment --comment "Clamp MSS for traffic going via PPP" -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -i eth1 -o pppoe-aaisp -m comment --comment "Allow traffic from LAN -> internet" -j ACCEPT
iptables -A FORWARD -i pppoe-aaisp -o eth1 -m state --state RELATED,ESTABLISHED -m comment --comment "Allow return traffic from internet -> LAN" -j ACCEPT
iptables -A FORWARD -m comment --comment "Reject all remaining traffic" -j REJECT
51

edits