Re: IPChains rules
- To: tlug@example.com
- Subject: Re: IPChains rules
- From: "A.Sajjad Zaidi" <sajjad@example.com>
- Date: Mon, 05 Mar 2001 10:39:18 +0900
- Content-Transfer-Encoding: 7bit
- Content-Type: text/plain; charset=iso-2022-jp
- Organization: Vanguard K.K.
- References: <Pine.GSO.4.05.10103020952020.918-100000@example.com>
- Reply-To: tlug@example.com
- Resent-From: tlug@example.com
- Resent-Message-ID: <kF8inC.A.UME.O5uo6@example.com>
- Resent-Sender: tlug-request@example.com
- Sender: sajjad
Thanks. Actually I forgot about the default policy. Once I did /sbin/ipchains -P input -j DENY everything worked like I wanted it to. I also installed iptables (and a new kernel) on another machine and although the syntax is slightly different, it worked.

Now the only thing is finding out which service accesses which ports. I still can't figure out ftp. Secure Shell works with the following:

#Allow outgoing ssh
ipchains -A input -s $MY_IP -d 0.0.0.0/0 22 -p tcp -j ACCEPT
ipchains -A input -s 0.0.0.0/0 22 -d $MY_IP -p tcp -j ACCEPT

If ftp is allowed, it connects, but can't get any data or even a listing.

A.Sajjad Zaidi

"Scott M. Stone" wrote:

> you're going about it wrong. first make a rule to deny EVERYTHING, then
> make rules to *allow* only the ports that you want.
>
> > "Stephen J. Turnbull" wrote:
> >
> > > >>>>> "A" == A Sajjad Zaidi <sajjad@example.com> writes:
> > >
> > > A> I'm trying to setup rules through IPChains so everything except
> > > A> a few services are blocked. The problem is that only one port
> > > A> or a range of ports can be specified. Is there a work around
> > > A> for this?
> > >
> > > Specify the same rule multiple times, once for each port range.
> > >
> > > --
> > > University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
> > > Institute of Policy and Planning Sciences Tel/fax: +81 (298) 53-5091
> > > _________________ _________________ _________________ _________________
> > > What are those straight lines for? "XEmacs rules."
> > >
> > > -----------------------------------------------------------------------
> > > Next Technical Meeting: Prof. Jim Breen Sat, March 10 13:30-
> > > Next Nomikai Meeting: Fri, April 13 19:30- Tengu Tokyo Eki Mae
> > > -----------------------------------------------------------------------
> > > more info: http://www.tlug.gr.jp Sponsor: Global Online Japan
>
> --------------------------
> Scott M. Stone <sstone@example.com>
> Cisco Certified Network Associate, Sun Solaris Certified Systems Administrator
> UNIX Systems and Network Engineer
> Taos - The SysAdmin Company
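The approach this thread arrives at (a default DENY policy, then the same ACCEPT rule repeated once per port or port range), as an added example that is not part of any poster's message: a POSIX shell helper that validates each port spec and prints the ipchains commands for review instead of running them. The function names, the address 192.0.2.10 and the port list are assumptions made for illustration, and the policy line uses the `-P chain target` form.

```shell
#!/bin/sh
# Added example: build an ipchains rule set from a list of ports/ranges.
# Commands are printed, not executed, so the rule set can be reviewed first.

# valid_port_spec SPEC
# Succeeds if SPEC is "N" or "LO:HI" with 1 <= LO <= HI <= 65535.
valid_port_spec() {
    case "$1" in
        ''|*[!0-9:]*|*:*:*|:*|*:) return 1 ;;   # empty, junk, or malformed range
    esac
    lo=${1%%:*}      # text before the colon (the whole spec if there is none)
    hi=${1##*:}      # text after the colon  (the whole spec if there is none)
    { [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ]; } 2>/dev/null
}

# emit_rules MY_IP SPEC...
# Prints the policy command followed by one ACCEPT rule per spec.
# Prints nothing and returns 1 if any spec is invalid, so a typo can never
# produce a half-built rule set.
emit_rules() {
    my_ip=$1
    shift
    for spec in "$@"; do
        valid_port_spec "$spec" || {
            echo "bad port spec: $spec" >&2
            return 1
        }
    done
    # Default policy: anything no rule below accepts is dropped.
    echo "ipchains -P input DENY"
    # Same rule once per port or range: inbound TCP to a service on my_ip.
    for spec in "$@"; do
        echo "ipchains -A input -p tcp -s 0.0.0.0/0 -d $my_ip $spec -j ACCEPT"
    done
}

# Constructed sample values (assumptions, not taken from the thread).
MY_IP=192.0.2.10
emit_rules "$MY_IP" 22 80 6000:6010
```
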
- Follow-Ups:
- Re: IPChains rules
- From: Darren Cook <darrenj@example.com>
- References:
- Re: IPChains rules
- From: "Scott M. Stone" <sstone@example.com>