friends + proxy + iptables

Discussion in 'Tomato Firmware' started by edylie, Aug 11, 2008.

  1. edylie

    edylie Addicted to LI Member


    I am letting my friends to access my srelay proxy but i do not wish them to use it for bitorrents or access certain destination IP

    IE lets say i wanna allow my friends to access port 80 and 53 when connecting to Srelay ...

    Anyone has built a similar iptables before?
  2. edylie

    edylie Addicted to LI Member

    this is what i have gotten so far and it works :)

    iptables -P INPUT DROP
    iptables -P OUTPUT DROP

    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A INPUT -i lo -j ACCEPT

    iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o lo -j ACCEPT

    iptables -A OUTPUT -p TCP -m multiport --dports 80,443,53 -m state --state NEW -j ACCEPT

    iptables -A OUTPUT -p UDP --dport 53 -m state --state NEW -j ACCEPT
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice