Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Dave on June 19, 2001, 12:37:29 PM

Title: locking down internal -> external access
Post by: Dave on June 19, 2001, 12:37:29 PM

Hi everybody, (hi Dr Nick)

I'm after some pointers for restricting my users to only a few services (www, telnet, ftp). As e-smith ships anyone on the internal network has full access to the internet.

I have added ipchains to the output chain and changed the
default output policy to deny. This works for www and telnet
but breaks ftp. Any ideas?

Thanks,
Dave.

Title: Re: locking down internal -> external access
Post by: Graeme Robinson on June 25, 2001, 05:00:41 PM

have you searched the phorums - I think this issue has been delt with.