On Sun, Oct 26, 2008 at 2:35 PM, mubeen nakade <[EMAIL PROTECTED]> wrote:
> Hi,
> try below:-
>
> # iptables -A INPUT -p tcp -m multiport --dports 22,25,3306,8009,13722,13782,32778,32779 -j ACCEPT
>
> Imp Note:- Change your default policy to DROP with the below cmd; only then
> will the above iptables rule work:-
>
> # iptables -L INPUT
> # iptables -P INPUT DROP
>
> Now only the requested ports will listen and all other ports will be DROPped by
> the DEFAULT POLICY.
>
> Mubeen Nakade.
>
> --- On Fri, 24/10/08, Sunil Naikwadi <[EMAIL PROTECTED]> wrote:
>
> From: Sunil Naikwadi <[EMAIL PROTECTED]>
> Subject: [LinuxVadaPav] Need help in IPTABLES
> To: linuxvadapav@yahoogroups.com
> Date: Friday, 24 October, 2008, 9:56 AM
>
> The below ports are listening on my mail server. I want to allow only these
> ports, and I want to block other ports or any request other than the below
> ports using iptables.
>
> So please, what are the iptables rules I need to write?
>
> If possible, send me iptables scripts for the below ports.
>
> [EMAIL PROTECTED] ~]# nmap -sT -sU -O localhost
>
> Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2008-10-24 09:50 IST
> Interesting ports on localhost.localdomain (127.0.0.1):
> (The 3130 ports scanned but not shown below are in state: closed)
> PORT      STATE SERVICE
> 22/tcp    open  ssh
> 25/tcp    open  smtp
> 3306/tcp  open  mysql
> 8009/tcp  open  ajp13
> 13722/tcp open  VeritasNetbackup
> 13782/tcp open  VeritasNetbackup
> 32778/tcp open  sometimes-rpc19
> 32779/tcp open  sometimes-rpc21
> Device type: general purpose
> Running: Linux 2.4.X|2.5.X|2.6.X
> OS details: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7)
> Uptime 3.237 days (since Tue Oct 21 04:09:25 2008)
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 2.697 seconds
> [EMAIL PROTECTED] ~]#
>
> --
> Thanks & Regards
> Sunil Naikwadi
> 9820668120
>
> "Think positive in life always and look for opportunities when u can help
> Others."

Hi,

Try the Webmin module to configure iptables rules. The web-based console is self-explanatory for setting your rules without knowing the syntax and other complexities. Also refer to the iptables manual for reference to understand how iptables is configured and used.

Regards,
Viket
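
The allow-list discussed in this thread, written as an added example that is not part of the original messages: a script that prints the ruleset in `iptables-restore` format, so the DROP policy and the accept rules load in one commit. With an INPUT policy of DROP, loopback traffic and replies to connections the server opens itself (outbound SMTP, DNS lookups) also need accept rules, so the sketch includes them; the function names are hypothetical and the `conntrack` match is assumed to be available (older kernels use `-m state --state`).

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it does not touch the
# running firewall. The port list is the one from the nmap output above.
PORTS="22,25,3306,8009,13722,13782,32778,32779"

# validate_ports LIST (hypothetical helper): succeed only if LIST is 1 to 15
# comma-separated port numbers in 1..65535 (multiport takes at most 15 ports).
validate_ports() {
    count=0; old_ifs=$IFS; IFS=,
    for p in $1; do
        IFS=$old_ifs
        case "$p" in
            ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-numeric, too long
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
        count=$((count + 1))
    done
    IFS=$old_ifs
    [ "$count" -ge 1 ] && [ "$count" -le 15 ]
}

# build_ruleset LIST (hypothetical helper): print the filter table on stdout.
build_ruleset() {
    validate_ports "$1" || { echo "bad port list: $1" >&2; return 1; }
    cat <<EOF
*filter
# Only INPUT changes policy, as in the thread; the other chains stay ACCEPT.
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Local services talking to each other over 127.0.0.1.
-A INPUT -i lo -j ACCEPT
# Replies to connections this host initiated.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# New inbound connections to the listed TCP ports only.
-A INPUT -p tcp -m multiport --dports $1 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

build_ruleset "$PORTS"
```

As root, piping the output into `iptables-restore --test` parses the ruleset without committing it.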