Re: help needed with iptables...

From: steve harris (steveharris1@hotmail.com)
Date: 02/10/03


From: steve harris <steveharris1@hotmail.com>
Date: Mon, 10 Feb 2003 08:07:55 -0600

Garrut wrote:

> I want to build a firewall using iptables. I want to block all ports
> from the outside except the SSH, POP, IMAP and SMTP ports. From the
> inside everything is allowed. Also there is one computer that should
> be able to access the internet, but not the internal network, that
> computer should also have limited bandwidth. Iptables is already
> running on the server with the following rules put in rc.local:
>

http://www.newriders.com/content/images/0735710996/0735710996.jpg

1st edition is for ipchains and 2nd edition includes iptables.

I have both and they are complete for just about any service you want to
run.

Steve


