Re: Disabling X and KDM from listening on a port.

From: Fabrice MARIE (fabrice@celestix.com)
Date: 08/16/01

• Previous message: Minna Kangasluoma: "Re: Disabling X and KDM from listening on a port."
• In reply to: Rob 'Feztaa' Park: "Re: Disabling X and KDM from listening on a port."
• Next in thread: Rob 'Feztaa' Park: "Re: Disabling X and KDM from listening on a port."
• Reply: Rob 'Feztaa' Park: "Re: Disabling X and KDM from listening on a port."
• Reply: Rob 'Feztaa' Park: "Re: Disabling X and KDM from listening on a port."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Message-Id: <200108161150.f7GBoNR09421@fabrice.celestix.com>
From: Fabrice MARIE <fabrice@celestix.com>
To: Rob Feztaa Park <fezziker@home.com>
Subject: Re: Disabling X and KDM from listening on a port.
Date: Thu, 16 Aug 2001 11:49:22 +0000

Hello,

On Thursday 16 August 2001 01:21, you wrote:
> How would I implement this with iptables? I read through the iptables man
> pages, but I don't see an '-l' option anywhere.
> On Wed, 15 Aug 2001, Avery Payne (dis)graced my inbox with this:
> AP>ipchains -A input -D <localaddress> 0:1024 -l -j REJECT

In iptables, you need to do that in two lines for now,
I wrote a patch (patch-o-matic format) to have log being
a match in order to do the 2 in the same line, patch is
available at :
http://lists.samba.org/pipermail/netfilter-devel/2001-July/001699.html
A decision still need to be done by the core team
as to whether to accept it or not.

meanwhile, you have to do it in 2 rules, something like
that should be the translation of your ipchains commands :

iptables -A INPUT -p tcp -d <localaddress> --dport 0:1024 \
   -j LOG --log-prefix ' packet rejected '
iptables -A INPUT -p tcp -d <localaddress> --dport 0:1024 \
   -j REJECT --reject-with host-unreach

Have a nice day,
   
Fabrice.

-- 
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators" 
       -Unknown

---

• Previous message: Minna Kangasluoma: "Re: Disabling X and KDM from listening on a port."
• In reply to: Rob 'Feztaa' Park: "Re: Disabling X and KDM from listening on a port."
• Next in thread: Rob 'Feztaa' Park: "Re: Disabling X and KDM from listening on a port."
• Reply: Rob 'Feztaa' Park: "Re: Disabling X and KDM from listening on a port."
• Reply: Rob 'Feztaa' Park: "Re: Disabling X and KDM from listening on a port."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: FTP Setup ... It is listening on port 21: ... Could be you need to open a doorway for FTP in your firewall. ... You probably should check what's going on with iptables: ... Maybe your ISP blocks that port and you'll have to choose ... (comp.os.linux.setup) Re: FTP Setup ... It is listening on port ... Could be you need to open a doorway for FTP in your firewall. ... You probably should check what's going on with iptables: ... Maybe your ISP blocks that port and you'll have to choose ... (comp.os.linux.setup) Re: telnet on local LAN question ... Thanks in advance (this iptables stuff is a bit daunting ...), ... An additional thing to check is if you are listening on port 23. ... Roberto Ragusa mail at robertoragusa.it ... (Fedora) Re: how can i open a port ... > If it's listening, but you can't get to it from another server, you may ... > have it blocked by your firewall rules. ... I don't do iptables, so if ... > how to open up the port through your firewall. ... (RedHat) Re: FTP Setup ... It is listening on port 21: ... You probably should check what's going on with iptables: ... redundant rules or just add the new one? ... Maybe your ISP blocks that port and you'll have to choose ... (comp.os.linux.setup)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-linux  > 2001-08