Internal network internet access only?



Sebastian99
04-18-2008, 08:03 PM
If for example eth1 is for WAN and eth2 is for the internal network (as a gateway), what would be the code lines to only allow eth2 to access, through which my whole internal network has access, eth1 for internet use?

The idea being a form of port knock prevention so that only from the inside people can access the internet and from the outside world the computer is sort of nonexistent, "dead", when not in use.
And of course to counter spoofing of various kinds.
Pretty much all my ports are closed, so that is not what I am referring to.

I read port knock information about how ports can be "knocked", closed ports without daemons or programs listening behind them, and be opened.
This is sort of the question as well.

To explain it in the easiest way, simply make sure the ports can only be opened "one" way, from the inside.


Thank you. :D
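
Added example, not part of the original thread: one way to express the setup asked about above as a stateful iptables ruleset, where connections can only be opened from the eth2 side and eth1 accepts nothing but replies. The function name gateway_rules, the LAN subnet 192.168.1.0/24, and the choice to let LAN hosts reach the gateway itself are assumptions; the function only prints the ruleset.

```shell
#!/bin/sh
# Prints an iptables-restore ruleset for a NAT gateway; changes nothing itself.
# eth1 = WAN and eth2 = LAN come from the post; the subnet is a constructed sample.
gateway_rules() {
    wan=$1 lan=$2 lan_net=$3
    # Reject empty or unusual arguments so nothing unexpected lands in the rules.
    for v in "$wan" "$lan" "$lan_net"; do
        case $v in
            ''|*[!A-Za-z0-9./_-]*) echo "bad argument: '$v'" >&2; return 1 ;;
        esac
    done
    [ "$wan" != "$lan" ] || { echo "WAN and LAN must differ" >&2; return 1; }
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Rewrite LAN source addresses to the WAN address on the way out.
-A POSTROUTING -s $lan_net -o $wan -j MASQUERADE
COMMIT
*filter
# Default drop: unsolicited packets from outside get no answer at all.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Anti-spoofing: LAN addresses never arrive on WAN, foreign ones never on LAN.
-A INPUT -i $wan -s $lan_net -j DROP
-A FORWARD -i $wan -s $lan_net -j DROP
-A FORWARD -i $lan ! -s $lan_net -j DROP
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A INPUT -i lo -j ACCEPT
# Replies to traffic that was opened from the inside.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# New connections may only start on the LAN side.
-A INPUT -i $lan -s $lan_net -j ACCEPT
-A FORWARD -i $lan -o $wan -s $lan_net -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Stand-alone run: print the ruleset for the interfaces named in the post.
gateway_rules "${1:-eth1}" "${2:-eth2}" "${3:-192.168.1.0/24}"
```

To load it, pipe the output to iptables-restore as root (iptables-restore --test checks it first). Forwarding also needs net.ipv4.ip_forward=1, and net.ipv4.conf.all.rp_filter=1 adds kernel-level source validation.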