On Sat, Sep 08, 2001 at 03:15:01PM +1000, Skeeve Stevens wrote:
>
> Anyone have any good examples of port blocking with iptables?
>
I think what this all boils down to is what stance you are taking. For
example, I deny everything and then only allow ports that I need: ssh,
smtp, http, https. So I create an initial DROP all, and then add the
appropriate INPUT and PREROUTING rules after.

My rules, at home, are: allow everything from the inside out to the
internet, only allow ports mentioned above from internet to inside, and
then some admin services to connect to the internal interface of the
firewall.

It is much easier to block everything, then add what you need later.

For reference:
http://www.linuxguruz.org/iptables/howto/iptables-HOWTO-6.html
-tflat
--
James F. Wilkus
<t f l a t @ a s t r o c r e e p . n e t>
*nix SysAdmin, 'rewt shells are sweet.'
http://astrocreep.net || irc.openprojects.net #tflat
&geek if $tflat;
PGP FingerPrint: E087 9CB8 5516 311D FD8C 14C8 9765 76B4 7A25 1E76
PGP Key: 7A251E76
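
The stance described in the reply above, as an added example that is not part of the original message: a script that prints a default-deny ruleset in `iptables-restore` format. The interface names, the inside host address, the admin port, and the reading of the PREROUTING rules as DNAT to a single inside host are assumptions.

```shell
#!/bin/sh
# Added example: prints a default-deny ruleset in iptables-restore format.
# Interface names, the server address and the admin port are assumptions.
WAN_IF="${WAN_IF:-eth0}"                      # assumed internet-facing interface
LAN_IF="${LAN_IF:-eth1}"                      # assumed internal interface
SERVER="${SERVER:-192.168.1.10}"              # constructed inside host for the public ports
PUBLIC_PORTS="${PUBLIC_PORTS:-22 25 80 443}"  # ssh, smtp, http, https (from the post)
ADMIN_PORTS="${ADMIN_PORTS:-22}"              # assumed admin service on the firewall

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

gen_ruleset() {
    # Validate every port first so a bad list never yields a partial ruleset.
    for p in $PUBLIC_PORTS $ADMIN_PORTS; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    for p in $PUBLIC_PORTS; do
        # Internet -> inside: redirect each permitted port to the inside host.
        echo "-A PREROUTING -i $WAN_IF -p tcp --dport $p -j DNAT --to-destination $SERVER"
    done
    echo "-A POSTROUTING -o $WAN_IF -j MASQUERADE"
    echo "COMMIT"
    echo "*filter"
    # Initial DROP all for inbound and forwarded traffic.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Inside -> internet: allow everything.
    echo "-A FORWARD -i $LAN_IF -o $WAN_IF -j ACCEPT"
    for p in $PUBLIC_PORTS; do
        echo "-A FORWARD -i $WAN_IF -o $LAN_IF -d $SERVER -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $ADMIN_PORTS; do
        # Admin services answer only on the firewall's internal interface.
        echo "-A INPUT -i $LAN_IF -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Syntax-check as root without loading:  gen_ruleset | iptables-restore --test
```

Because the chain policies are DROP, anything not listed in `PUBLIC_PORTS` or `ADMIN_PORTS` is refused without needing a rule of its own.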