nixCraft

recently i implemented squid server on centos5.2.This server directly connected to public IP i.e 200.227.56.131 on eth1 and my private ip 10.171.200.11 connected on eth0.when i see /var/log/messages so many IPs try to login on server error showing access denied,i written iptables below is the iptable script:
#############################################
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -F -t nat
iptables -F -t mangle
iptables -F -t filter
iptables -X
echo 1 > /proc/sys/net/ipv4/ip_forward
# LOOPBACK
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# PUBLIC INTERFACES
iptables -A OUTPUT -o eth0 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# PRIVATE INTERFACES
iptables -A INPUT -i eth1 -s 10.171.200.11/24 -j ACCEPT
iptables -A OUTPUT -o eth1 -d 0/0 -j ACCEPT
################################################## #
to this script no one connecting proxy server but Internet web pages not opening at client end.
can anyone have iptable script where i can implement on my network.


help in this regards will be highly appreciated.

Login denied message may be coming from ssh service. Try binding ssh service to private eth0 private ip by updating /etc/ssh/sshd_config and adding / updating ListenAddress:
Finally, restart sshd:
Also, turn off all unwanted network services. Once done, you can write a iptables based shell script to block everything. Do you run NAT using iptables? If you are new, get this script http://freshmeat.net/projects/iptables-firewall/ to configure firewall.

__________________
Vivek Gite
Linux Evangelist
Be proud RHEL user, and let the world know about your enterprise choices! Join RedHat user group.
Always use CODE tags for posting system output and commands!
Do you run a Linux? Let's face it, you need help