----- Original Message -----
From: "Eric "Shubes"" <[EMAIL PROTECTED]>
To: <qmailtoaster-list@qmailtoaster.com>
Sent: Friday, March 02, 2007 6:37 PM
Subject: Re: [qmailtoaster] problems with install
Jim Shupert, Jr. wrote:
I did comment out the line for firewall.sh
=======================================
#The line below is wrong in the file firewall.sh:
iptables -A INPUT -s $MYIP -i ! lo -j DROP
#Did you really mean to lock out the remote connection for the person using
the machine?
#I would recommend something like this in the ssh section (you may want to
omit the -i eth0 if you don't want to specify it) and removing the line
above entirely:
iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m
cent --set
iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m
cent --update --seconds 60 --hitcount 4 -j DROP
iptables -A INPUT -s $MYIP/255.255.255.255 -p tcp -m tcp --dport 22 -j
ACCEPT
#
George S
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
