Sorry... Is there a documentation ( NOT shell script ) about "ipchains-rule" ? I'm very hard to test the following rules with the old machine ( rh 6.x )...
Thank for your help ! "Burke, Thomas G." wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I'm beginning to think this guy is a 'bot... Same question over & > over... Doesn't RTFM, and so on.... > > - -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 13, 2003 1:26 AM > To: [EMAIL PROTECTED] > Subject: Re: Firewall "ipchains-rule" questions > > Hello, > > Now, we want to allow users they can only to use the following port > numbers > ( services ), but we may need someone to help to check and modify the > "rules"... > > ipchains -F > > ipchains -A input -i eth0 -p tcp --dport 20 -j ACCEPT > ipchains -A input -i eth0 -p tcp --dport 21 -j ACCEPT > ipchains -A input -i eth0 -p tcp --dport 22 -j ACCEPT > ipchains -A input -i eth0 -p tcp --dport 25 -j ACCEPT > ipchains -A input -i eth0 -p tcp --dport 80 -j ACCEPT > ipchains -A input -i eth0 -p tcp --dport 53 -j ACCEPT > ipchains -A input -i eth0 -p udp --dport 53 -j ACCEPT > ipchains -A input -i eth0 -p tcp --dport 110 -j ACCEPT > ipchains -A input -i eth0 -p tcp --dport 143 -j ACCEPT > ipchains -A input -i eth0 -p tcp --dport 113 -j ACCEPT > ipchains -A input -i eth0 -p udp --dport 113 -j ACCEPT > ipchains -A input -i eth0 -p tcp ! -y -j ACCEPT > > ipchains --policy input DENY > ipchains --policy output DENY > > ipchains -A output -i eth0 -p tcp --sport 20 -j ACCEPT > ipchains -A output -i eth0 -p tcp --sport 21 -j ACCEPT > ipchains -A output -i eth0 -p tcp --sport 22 -j ACCEPT > ipchains -A output -i eth0 -p tcp --sport 25 -j ACCEPT > ipchains -A output -i eth0 -p tcp --sport 110 -j ACCEPT > ipchains -A output -i eth0 -p tcp --sport 143 -j ACCEPT > ipchains -A output -i eth0 -p tcp --sport 113 -j ACCEPT > ipchains -A output -i eth0 -p udp --sport 113 -j ACCEPT > ipchains -A output -i eth0 -p tcp --sport 80 -j ACCEPT > ipchains -A output -i eth0 -p tcp --sport 53 -j ACCEPT > ipchains -A output -i eth0 -p udp --sport 53 -j ACCEPT > ipchains -A output -i eth0 -p tcp ! -y -j ACCEPT > > ## Debugging rules. > ipchains -A input -s 0/0 -d 0/0 -l -j REJECT > ipchains -A output -s 0/0 -d 0/0 -l -j REJECT > > PS : if DON'T set "! -y -j ACCEPT" , can't connect to outside... > > Thank for your help ! > > - -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list > > -----BEGIN PGP SIGNATURE----- > Version: PGP Personal Privacy 6.5.3 > > iQA/AwUBPnCDPtPjBkUEZx5AEQLvQACfWJCudwODG4TU5DcHffVUjxgfIMoAoKgn > koI666fO72ZuEq8EXn6yLH6U > =B2Gy > -----END PGP SIGNATURE----- > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
