Cyclades PC400 User Manual

Cyclades-PC400

42

Appendix A - Linux

Installation Manual

The output chain controls which packets are sent. A packet can be accepted by the input chain, but then rejected
by the output chain. Likewise, the forward chain controls which packets will be routed. The input chain controls
incoming packet filtering. The packet is either destined for the router or for another computer. In the latter case,
the packet is processed by the forward chain. Packets that pass through the forward chain will then be pro-
cessed by the output chain.

source and destination have the following format:

[!]

address

[/

mask

] [!][

port

[:

port

]]

! : reverses the definition, resulting in the opposite effect.
address : host or network IP
port : defines a specific port
port:port : defines a range of ports
If a source or destination is not specified then 0.0.0.0/0 is used.

protocol is one of the following:
tcp, udp, icmp, all or a protocol number (see the file /etc/protocols for a list).

target is one of the following:
ACCEPT
DENY
the name of another chain

interface is:
one of the server interfaces. Lists do not need to be associated to an interface, so this option may be omitted.

To save changes made using the ipchains command, execute fwset. This command will save the filter configu-
ration in the file /etc/network/firewall.

To delete the changes made (before fwset is executed) execute fwset restore to return to the lists previously
saved in /etc/network/firewall. Only the lists previously saved using fwset will then be defined. This command is