Re: iptables & tcp wrappers

• Previous message: Bowes, Ronald (EST): "RE: iptables & tcp wrappers"
• In reply to: Meatplow: "iptables & tcp wrappers"
• Next in thread: Whelan, Paul: "RE: iptables & tcp wrappers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 28 Sep 2004 14:16:31 +0500
To: "Meatplow" <greg@meatplow.com>

Hello Meatplow,

Saturday, September 25, 2004, 1:57:26 AM, you wrote:

finding line numbers is simple.
--line-numbers.
if you need to restrict ssh for everyone except those you trust,
something like this is fine and flexible.

TRUSTEDHOSTS="1.2.3.4 5.6.7.8"

for host in $TRUSTEDHOSTS do;
    iptables -A INPUT -j ACCEPT -p tcp -s $host --dport ssh
done;

iptables -A INPUT -j DROP -p tcp --dport ssh

As for collecting statistics for the non-trusted attempts, you can make use of
the iptables LOG target. Get the iptables-tutorial document, I believe
this is the best guide to iptables and to the theory of firewalls in
general.
Luck!

M> -----BEGIN PGP SIGNED MESSAGE-----
M> Hash: SHA1

M> Hello.

M> I'm running RH Enterprise edition.

M> I'm relatively new to iptables. I am getting the common intrusion
M> attempts with some of the common uses of test/guest/root/ and a
M> couple others I've been able to add the IPs to the to iptables.,
M> but
M> I'd really like a log that tells me the info that I want to know.

M> My basic input command is this :
M> #iptables -A INPUT -p tcp -s PUT_IP_HERE -d 0/0 --syn -j DROP

M> iptables seem a little convoluted. Example. To delete a line -
M> supposedly give it a line and it will be deleted/modified. My
M> problem is even with #iptable -L -v there is no line number ?

M> My goal is to block all incoming ssh attempts except IP#.
M> This is where I got into hosts.allow/deny as mentioned below.

M> I've tried to find many different types of commands and it works to
M> some degree, but not the way I'd expect it to.

M> Any help would be appreciated. I'm not completely sure that I
M> understand iptables as well as I want/need to. I've also toyed
M> around with the hosts.allow/hosts.deny and have not been successful.

M> I know that there is a lot of info in here, and I'm tired. I'll
M> leave it at that

M> Thanks in advance for your time and help.

M> Meatplow
M> greg ta meatplow.com

M> Thanks again.

M> -----BEGIN PGP SIGNATURE-----
M> Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

M> iQA/AwUBQVSBsR42gIcyjrnjEQJIqwCfWAShp7r+J1XNNjQq6sbvvD03WZ8AoNrg
M> ctQ837g5pQDafgBhTTeeMr1V
M> =niWK
M> -----END PGP SIGNATURE-----

-- 
Best regards,
 Ed                            mailto:stealth@arminco.com

• Previous message: Bowes, Ronald (EST): "RE: iptables & tcp wrappers"
• In reply to: Meatplow: "iptables & tcp wrappers"
• Next in thread: Whelan, Paul: "RE: iptables & tcp wrappers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]