Hello to you,

After the following "iptables-rules" on Linux Redhat 7.2 Server :

/etc/rc.d/rc.local :
iptables -F
iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state NEW,INVALID -j DROP

Then the Internet users can only use the port numbers (services):
80 (Web) and 53 (DNS)...

On Linux Redhat 6.x Server, we can only use the "ipchains-rules"
function:

ipchains -F
ipchains -A input -i eth0 -p tcp --dport 80 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 53 -j ACCEPT
ipchains -A input -i eth0 -p udp --dport 53 -j ACCEPT

But how can we allow users to use only port numbers (services): 80
(Web) and 53 (DNS)...?

Thank you very much for your help!

Ed.
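
How the six `--tcp-flags` rules in the iptables list above select packets, as an added example that is not part of the original post: a Python model of the mask/compare test, evaluated in rule order over constructed flag combinations. The names `bits`, `DROP_RULES`, `first_drop_rule` and `SAMPLES` are assumptions made for this illustration.

```python
# Model of iptables "--tcp-flags MASK COMP": a packet matches when, looking
# only at the flags named in MASK, exactly the flags named in COMP are set.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
         "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
ALL = 0x3F  # the six flags iptables means by ALL


def bits(names):
    """Turn 'SYN,FIN', 'ALL' or 'NONE' into a bitmask."""
    if names == "ALL":
        return ALL
    if names == "NONE":
        return 0
    value = 0
    for name in names.split(","):
        value |= FLAGS[name]
    return value


# The six flag rules from the post, in the order they are appended (MASK, COMP).
DROP_RULES = [
    ("ALL", "FIN,URG,PSH"),
    ("ALL", "ALL"),
    ("ALL", "SYN,RST,ACK,FIN,URG"),
    ("ALL", "NONE"),
    ("SYN,RST", "SYN,RST"),
    ("SYN,FIN", "SYN,FIN"),
]


def first_drop_rule(packet_flags):
    """Return the 1-based index of the first flag rule that matches, else None."""
    packet = bits(packet_flags)
    for index, (mask, comp) in enumerate(DROP_RULES, 1):
        if packet & bits(mask) == bits(comp):
            return index
    return None


# Constructed flag combinations, not captured traffic.
SAMPLES = ["SYN", "SYN,ACK", "ACK", "FIN", "FIN,URG,PSH", "ALL",
           "NONE", "SYN,RST", "SYN,FIN,ACK"]

if __name__ == "__main__":
    for flags in SAMPLES:
        rule = first_drop_rule(flags)
        print(f"{flags:12} -> " + (f"DROP by flag rule {rule}" if rule else "passes flag rules"))
```

A combination that passes the flag rules is still subject to the state and port rules that follow them in the chain.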



