Hi, try below:

# iptables -A INPUT -p tcp -m multiport --dports 22,25,3306,8009,13722,13782,32778,32779 -j ACCEPT

Important note: Change your default policy to DROP with the commands below; only then will the above iptables rule work:

# iptables -L INPUT
# iptables -P INPUT DROP

Now only the requested ports will listen and all other ports will be dropped by the default policy.

Mubeen Nakade.

--- On Fri, 24/10/08, Sunil Naikwadi <[EMAIL PROTECTED]> wrote:
From: Sunil Naikwadi <[EMAIL PROTECTED]>
Subject: [LinuxVadaPav] Need help in IPTABLES
To: linuxvadapav@yahoogroups.com
Date: Friday, 24 October, 2008, 9:56 AM

The ports below are listening on my mail server. I want to allow only these ports, and I want to block other ports or any request other than to the ports below using iptables. So please, what iptables rules do I need to write? If possible, send me iptables scripts for the ports below.

[EMAIL PROTECTED] ~]# nmap -sT -sU -O localhost

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2008-10-24 09:50 IST
Interesting ports on localhost.localdomain (127.0.0.1):
(The 3130 ports scanned but not shown below are in state: closed)
PORT      STATE SERVICE
22/tcp    open  ssh
25/tcp    open  smtp
3306/tcp  open  mysql
8009/tcp  open  ajp13
13722/tcp open  VeritasNetbackup
13782/tcp open  VeritasNetbackup
32778/tcp open  sometimes-rpc19
32779/tcp open  sometimes-rpc21
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7)
Uptime 3.237 days (since Tue Oct 21 04:09:25 2008)

Nmap run completed -- 1 IP address (1 host up) scanned in 2.697 seconds
[EMAIL PROTECTED] ~]#

--
Thanks & Regards
Sunil Naikwadi
9820668120
"Think positive in life always and look for opportunities when u can help Others."
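
The allow-list discussed in this thread, as an added example that is not part of either message: a shell script that reads the open TCP ports from the scan output and prints an iptables-restore ruleset with the INPUT policy set to DROP. The loopback and ESTABLISHED,RELATED rules and the ACCEPT policies on FORWARD and OUTPUT are assumptions added here so that local services and replies to the server's own outbound connections still pass; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): nmap port table -> iptables-restore ruleset.

# Constructed sample: the open TCP ports from the scan quoted in the thread.
SAMPLE_SCAN='PORT      STATE SERVICE
22/tcp    open  ssh
25/tcp    open  smtp
3306/tcp  open  mysql
8009/tcp  open  ajp13
13722/tcp open  VeritasNetbackup
13782/tcp open  VeritasNetbackup
32778/tcp open  sometimes-rpc19
32779/tcp open  sometimes-rpc21'

# Read nmap text on stdin; print open TCP ports as one comma-separated list.
open_tcp_ports() {
    awk '$2 == "open" && $1 ~ /^[0-9]+\/tcp$/ {
             split($1, f, "/")
             if (f[1] >= 1 && f[1] <= 65535)
                 ports = ports (ports ? "," : "") f[1]
         }
         END { print ports }'
}

# Print a filter table for iptables-restore that admits only the given ports.
build_ruleset() {
    ports=$1
    # Reject empty or malformed lists before they reach a rule line.
    case $ports in
        ''|*[!0-9,]*|,*|*,|*,,*) echo "bad port list" >&2; return 1 ;;
    esac
    # The multiport match takes at most 15 ports per rule.
    count=$(printf '%s' "$ports" | tr ',' '\n' | grep -c '[0-9]')
    [ "$count" -le 15 ] || { echo "more than 15 ports" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m multiport --dports $ports -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the sample scan; review it, then load it as root with
# iptables-restore, which applies the whole table in one step.
build_ruleset "$(printf '%s\n' "$SAMPLE_SCAN" | open_tcp_ports)"
```

Because iptables-restore commits the table as a unit, the SSH accept rule and the DROP policy take effect together, so a remote session is not cut off between two separate commands.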