Re: how many iptables rules can a VPS have

On 24 May 2024 23:23:44 BST, Andy Smith wrote: >You will likely get better performance if you switch to nftables and >use an ipset to hold all the bans, though I've no idea how easy >that is to configure with fail2ban. It's easy, supported out of the box. I have been using nftables for years

Re: how many iptables rules can a VPS have

Hi, On Sat, May 25, 2024 at 06:04:34AM +0800, Northwind wrote: > I have been using a KVM vps with 2G ram, 2 cores. > due to fail2ban jobs, iptables in this vps has dropped 3000+ black IPs. > may I ask how max iptables rules the VPS can have? It depends upon the kind of rule but for

how many iptables rules can a VPS have

Hello I have been using a KVM vps with 2G ram, 2 cores. due to fail2ban jobs, iptables in this vps has dropped 3000+ black IPs. may I ask how max iptables rules the VPS can have? does many iptables rules influence the networking performance? Thanks

Re: How can I enable ufw firewall tool with an existing set of iptables rules?

On Mon, Aug 28, 2017 at 15:54 Joe wrote: ... I confess to no specific knowledge here, but I suspect none of the > firewall front-ends will accommodate an arbitrary iptables ruleset, as > the front-ends impose their own structure which would almost certainly > conflict. >

Re: How can I enable ufw firewall tool with an existing set of iptables rules?

On Mon, Aug 28, 2017 at 15:49 Alexander V. Makartsev <avbe...@gmail.com> wrote: > Smart way to do it is to setup a cron job to run shell script that will > flush (or restore to default working ruleset) iptables rules every 10 > minutes. Thanks, Alexander. -Tom

Re: How can I enable ufw firewall tool with an existing set of iptables rules?

On Mon, 28 Aug 2017 20:01:54 + Tom Browder <tom.brow...@gmail.com> wrote: > Installing and enabling ufw sounds easy, but how is the existing set > of iptables rules treated? I want to use ufw on a remote server and > losing ssh would be disastrous! > I confess to no speci

Re: How can I enable ufw firewall tool with an existing set of iptables rules?

Smart way to do it is to setup a cron job to run shell script that will flush (or restore to default working ruleset) iptables rules every 10 minutes. With this approach, even if you mess up your iptables rules and loose ssh, you can simply wait for 10 minutes and reconnect to ssh. Take your time

How can I enable ufw firewall tool with an existing set of iptables rules?

Installing and enabling ufw sounds easy, but how is the existing set of iptables rules treated? I want to use ufw on a remote server and losing ssh would be disastrous! Thanks. -Tom

Re: How do packages that modify iptables rules prevent race conditions?

Patrick Schleizer a écrit : > > as I just learned on the mailing list, that at least the packages > fail2ban and miniupnpd [and most likely arno-iptables-firewall also] > modify iptables rules... Firewall managers such as ufw, shorewall, firestarter... Custom iptables

Re: How do packages that modify iptables rules prevent race conditions?

Le 12/11/2015 20:47, Pascal Hambourg a écrit : > Patrick Schleizer a écrit : >> as I just learned on the mailing list, that at least the packages >> fail2ban and miniupnpd [and most likely arno-iptables-firewall also] >> modify iptables rules... > Firewall manager

Re: How do packages that modify iptables rules prevent race conditions?

Patrick Schleizer writes: > I.e. two packages trying to add iptables rules at the same time and > thereby failing to do so? They can't do that as each call to iptables locks the table be operated on. Without -w iptables exits when it can't get the lock. With -w it waits. Pascal Hambourg

Are there packages that modify iptables rules?

Hi, are there packages that modify the system's iptables rules? Cheers, Patrick

Re: Are there packages that modify iptables rules?

Patrick Schleizer <patrick-mailingli...@whonix.org> wrote: > are there packages that modify the system's iptables rules? fail2ban miniupnpd Grüße, Sven. -- Sigmentation fault. Core dumped.

How do packages that modify iptables rules prevent race conditions?

Hi, as I just learned on the mailing list, that at least the packages fail2ban and miniupnpd [and most likely arno-iptables-firewall also] modify iptables rules... Is there a chance for race conditions? I.e. two packages trying to add iptables rules at the same time and thereby failing to do so

Re: How do packages that modify iptables rules prevent race conditions?

I think that the best solution would be for the script to construct a single iptables command string and then run it. -- John Hasler jhas...@newsguy.com Elmwood, WI USA

Re: How do packages that modify iptables rules prevent race conditions?

Patrick Schleizer <patrick-mailingli...@whonix.org> wrote: > as I just learned on the mailing list, that at least the packages > fail2ban and miniupnpd [and most likely arno-iptables-firewall also] > modify iptables rules... > Is there a chance for race conditions? I.e. t

Re: iptables rules disappear

On 03/25/2015 02:06 PM, Linux4Bene wrote: Op Wed, 25 Mar 2015 11:46:21 +0100, schreef Diogene Laerce: Hi, I have a strange behavior of iptables lately : all rules are cleaned up after a few minutes. iptables-persistent is installed and if I reboot just after restoring all rules, all

Re: iptables rules disappear

Op Wed, 25 Mar 2015 11:46:21 +0100, schreef Diogene Laerce: Hi, I have a strange behavior of iptables lately : all rules are cleaned up after a few minutes. iptables-persistent is installed and if I reboot just after restoring all rules, all rules are still loaded. But a few minutes

iptables rules disappear

Hi, I have a strange behavior of iptables lately : all rules are cleaned up after a few minutes. iptables-persistent is installed and if I reboot just after restoring all rules, all rules are still loaded. But a few minutes later, they are all cleaned up. The same happens whenever I load them

Re: how to store iptables rules

On Saturday 24 January 2009, abdelkader belahcene abelahc...@gmail.com wrote about 'how to store iptables rules': please i want to save the iptables for next sessions, now I have to run iptables after each reboot. I tried iptables-save, it did't. Search the archive, there was a discussion about

Re: how to store iptables rules

edits to my iptables rules in a shell script that I source when I want to change them, I'm not too worried about that, but you can see several alternate solutions from the link above. Hope this helps! -- Paul Cartwright Registered Linux user # 367800 Registered Ubuntu User #12459

how to store iptables rules

hi, please i want to save the iptables for next sessions, now I have to run iptables after each reboot. I tried iptables-save, it did't. thanks for help bela

Re: how to store iptables rules

On Saturday 24 January 2009 12:34:52 abdelkader belahcene wrote: hi, please i want to save the iptables for next sessions, now I have to run iptables after each reboot. I tried iptables-save, it did't. thanks for help bela Redirect it to a file: iptables-save target-file You will also

Re: Debian way to set up iptables rules?

binwUFROmPogU.bin Description: application/pgp-encrypted msg.asc Description: Binary data

Re: Debian way to set up iptables rules?

On Mon, Jan 05, 2009 at 08:59:54PM +0100, Christoph Anton Mitterer wrote: Hi. Which is the default/designated way in Debian to set up iptables rules on system boot? I mean the /etc/init.d scripts is long gone... ;) Thanks, Chris. I used to use iptables, until I found Shorewall. It's

Re: Debian way to set up iptables rules?

On Tue, 6 Jan 2009 11:35:32 -0500 Michael Pobega pob...@gmail.com wrote: ... Edit: I resent this message because something went wrong with the last...I have no clue what happened. It hit the list encrypted. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email

Re: Debian way to set up iptables rules?

On Mon, Jan 5, 2009 at 11:38 PM, Nate Bargmann n...@n0nb.us wrote: * Christoph Anton Mitterer cales...@scientia.net [2009 Jan 05 14:02 -0600]: Hi. Which is the default/designated way in Debian to set up iptables rules on system boot? You could use post-up and pre-up hooks in /etc/network

Re: Debian way to set up iptables rules?

Which is the default/designated way in Debian to set up iptables rules on system boot? The GPLed Firestarter can generate a set of script, though it rids any CLI configurations. -- Koh Choon Lin -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject

Debian way to set up iptables rules?

Hi. Which is the default/designated way in Debian to set up iptables rules on system boot? I mean the /etc/init.d scripts is long gone... ;) Thanks, Chris. smime.p7s Description: S/MIME cryptographic signature

Re: Debian way to set up iptables rules?

Christoph Anton Mitterer wrote: Which is the default/designated way in Debian to set up iptables rules on system boot? I would put them in an init.d script. I mean the /etc/init.d scripts is long gone... ;) Which script(s) are you referring to? I had to create my own. - Ken

Re: Debian way to set up iptables rules?

On Monday 2009 January 05 13:59:54 Christoph Anton Mitterer wrote: Which is the default/designated way in Debian to set up iptables rules on system boot? I've just been calling iptables-restore from rc.local and calling iptables-save as needed. I'd love to know if there is a more official way

Re: Debian way to set up iptables rules?

On Mon, 2009-01-05 at 12:31 -0800, Ken Teague wrote: Which script(s) are you referring to? I had to create my own. Uhm until iptables 1.2.7-8 or so a init.d script was provided with the package... Chris. smime.p7s Description: S/MIME cryptographic signature

Re: Debian way to set up iptables rules?

* Christoph Anton Mitterer cales...@scientia.net [2009 Jan 05 14:02 -0600]: Hi. Which is the default/designated way in Debian to set up iptables rules on system boot? I mean the /etc/init.d scripts is long gone... ;) I've been using Firehol on client machines like my laptop or stand-alone

Re: Where debian save iptables rules?

The way I do it... Create a file /etc/network/if-up.d/firewall.sh , make sure it is executable. In that file put all the iptables rules you want and since it is bash scripting you can get pretty fancy. Then in /etc/network/interfaces add the following line to one of the interface definitions, 'up

Where debian save iptables rules?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Is there a debian way to save and load iptables rule when system boot or interface active? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

Re: Where debian save iptables rules?

On Thu, 12 Jun 2008, Ding Honghui [EMAIL PROTECTED] writes: Is there a debian way to save and load iptables rule when system boot or interface active? See scripts under /etc/network/if-{up,down}.d directories. Also, interfaces(5) manual would be helpful. Regards. -- To UNSUBSCRIBE, email

[OT] Reihenfolge der iptables rules

Hi, ich baue gerade eine kleine Firewall für dem Übergang zwischen Wlan und dem restlichen Netzwerk, bisher habe ich meine Firewalls immer unter OBSD mit PF oder PIXen erstellt, geht aber diesesmal aufgrund einiger Besonderheiten nicht... Ich stoße bei dem erstellen der rules auf ein Problem:

Re: [OT] Reihenfolge der iptables rules

On Thu, Jun 01, 2006 at 12:07:15PM +0200, Chris C. wrote: ich baue gerade eine kleine Firewall für dem Übergang zwischen Wlan und dem restlichen Netzwerk, bisher habe ich meine Firewalls immer unter OBSD mit PF oder PIXen erstellt, geht aber diesesmal aufgrund einiger Besonderheiten

Re: [OT] Reihenfolge der iptables rules

Chris C. [EMAIL PROTECTED] schrieb am Thu, Jun 01, 2006 at 12:07:15PM +0200: Hi, ich baue gerade eine kleine Firewall für dem Übergang zwischen Wlan und dem restlichen Netzwerk, bisher habe ich meine Firewalls immer unter OBSD mit PF oder PIXen erstellt, geht aber diesesmal aufgrund

Re: [OT] Reihenfolge der iptables rules

Am Donnerstag 01 Juni 2006 12:40 schrieb Christoph Haas: On Thu, Jun 01, 2006 at 12:07:15PM +0200, Chris C. wrote: [...] Du benutzt eine etwas ungewöhnliche Reihenfolge. Normalerweise baut man einen Regelsatz so auf, dass man das erlaubt, was erlaubt sein soll. Und am Ende kommt die große

Re: [OT] Reihenfolge der iptables rules

Gruesse! * Chris C. [EMAIL PROTECTED] schrieb am [01.06.06 12:07]: Hi, ich baue gerade eine kleine Firewall für dem Übergang zwischen Wlan und dem restlichen Netzwerk, bisher habe ich meine Firewalls immer unter OBSD mit PF oder PIXen erstellt, geht aber diesesmal aufgrund einiger

Re: [OT] Reihenfolge der iptables rules

Hi, Chris C. wrote: Hi, [..] wird die ja doch sehr grobe letzte Regel einfach ignoriert (vermutlich wegen den Rejects darüber), setze ich -A INPUT -d localhost ganz nach oben, läuft alles. Für eben diesen Fall gibts bei pf pass in quick (PF geht nach meinem verständis erst alle Regeln

Re: [OT] Reihenfolge der iptables rules

On Thu, Jun 01, 2006 at 12:07:15PM +0200, Chris C. wrote: [...] da die Rule am Ende angefügt wird und somit garnicht erst gelesen wird. Alle Regeln entfernen oder irgendwie dazwischenquetschen ist ja auch nicht sehr elegant. Es gibt kein dazwischenquetschen aber es gibt ein Einfuegen an

Re: [OT] Reihenfolge der iptables rules

Am Donnerstag 01 Juni 2006 15:44 schrieb Juergen Christoffel: On Thu, Jun 01, 2006 at 12:07:15PM +0200, Chris C. wrote: [...] da die Rule am Ende angefügt wird und somit garnicht erst gelesen wird. Alle Regeln entfernen oder irgendwie dazwischenquetschen ist ja auch nicht sehr elegant.

Re: [OT] Reihenfolge der iptables rules

Am Donnerstag, 1. Juni 2006 17:10 schrieb Chris C.: Am Donnerstag 01 Juni 2006 15:44 schrieb Juergen Christoffel: On Thu, Jun 01, 2006 at 12:07:15PM +0200, Chris C. wrote: [...] da die Rule am Ende angefügt wird und somit garnicht erst gelesen wird. Alle Regeln entfernen oder irgendwie

Re: [OT] Reihenfolge der iptables rules

On Thu, Jun 01, 2006 at 05:40:25PM +0200, Thomas Gräber wrote: Im Gegensatz zu pf, wenn ich das richtig verstanden habe, arbeitet iptables die Regeln von oben nach unten ab und nimmt die erste Regel, die passt, alle darunter werden für das Paket dann ignoriert. Jein: zwar arbeitet iptables

Re: [OT] Reihenfolge der iptables rules

On Thu, Jun 01, 2006 at 05:10:19PM +0200, Chris C. wrote: Am Donnerstag 01 Juni 2006 15:44 schrieb Juergen Christoffel: Es gibt kein dazwischenquetschen aber es gibt ein Einfuegen an einer bestimmten Position mittels -I int anstatt -A. Ja, ich hatte die Doku auf netfilter.org zwar

How to save the iptables rules for booting?

Fellows, I know the script /etc/init.d/iptables can be used to save the rules. I made it save in the active rule set. But what is the standard way to run /etc/init.d/iptables load active at boot time. I manually added a symbolic link to the /etc/rcS.d folder for /etc/init.d/iptables

Re: How to save the iptables rules for booting?

- From: [EMAIL PROTECTED] [EMAIL PROTECTED] Date: Sun, 1 Aug 2004 16:17:07 +0300 Subject: How to save the iptables rules for booting? To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Fellows, I know the script /etc/init.d/iptables can be used to save the rules. I made it save

RE: How to save the iptables rules for booting?

this. Is it? Please advice. Regards, -Nabil -Original Message- From: Jon [mailto:[EMAIL PROTECTED] Sent: Sunday, August 01, 2004 5:00 PM To: Nabil MALIK / KTEFH - OTAS Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: How to save the iptables rules for booting? Actually, calling

Re: How to save the iptables rules for booting?

On Sun, Aug 01, 2004 at 05:40:57PM +0300, [EMAIL PROTECTED] wrote: But that would be just like running /etc/init.d/iptables. But what we need is running the command '/etc/init.d/iptables start'. I tried to make a link with the start parameter like ln -s /etc/init.d/iptables

Re: saving iptables rules?

eyer wrote: Darryl Luff wrote: Ralph Crongeyer wrote: How does one save iptables rules in Debian "Unstable/SID"? I've tried iptables-save and get some output with no errors, but when I reboot all my rules are gone? Is there a "Debian w

Re: saving iptables rules?

On Sun, 13 Jun 2004 08:15 am, Ralph Crongeyer wrote: Darryl Luff wrote: Ralph Crongeyer wrote: How does one save iptables rules in Debian Unstable/SID? I've tried iptables-save and get some output with no errors, but when I reboot all my rules are gone? Is there a Debian way of doing

Re: saving iptables rules?

Thanks Adam, but there is no "/etc/init.d/iptables" file on SID? Any other suggestions? Ralph Adam Aube wrote: Ralph Crongeyer wrote: How does one save iptables rules in Debian "Unstable/SID"? I've tried iptables-save and get some output with no errors, but

Re: saving iptables rules?

Darryl Luff wrote: Ralph Crongeyer wrote: How does one save iptables rules in Debian Unstable/SID? I've tried iptables-save and get some output with no errors, but when I reboot all my rules are gone? Is there a Debian way of doing this? Rather than write my own startup script I want to find

saving iptables rules?

How does one save iptables rules in Debian Unstable/SID? I've tried iptables-save and get some output with no errors, but when I reboot all my rules are gone? Is there a Debian way of doing this? Rather than write my own startup script I want to find out if there's a standard way of doing

Re: saving iptables rules?

Ralph Crongeyer wrote: How does one save iptables rules in Debian Unstable/SID? I've tried iptables-save and get some output with no errors, but when I reboot all my rules are gone? Is there a Debian way of doing this? Rather than write my own startup script I want to find out if there's

Re: saving iptables rules?

Ralph Crongeyer wrote: How does one save iptables rules in Debian Unstable/SID? I've tried iptables-save and get some output with no errors, but when I reboot all my rules are gone? /etc/init.d/iptables save active Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject

Re: saving iptables rules?

On Fri, 11 Jun 2004, Adam Aube wrote: Ralph Crongeyer wrote: How does one save iptables rules in Debian Unstable/SID? I've tried iptables-save and get some output with no errors, but when I reboot all my rules are gone? /etc/init.d/iptables save active Except that is just a hold over

Re: saving iptables rules?

Ralph Crongeyer wrote: How does one save iptables rules in Debian Unstable/SID? I've tried iptables-save and get some output with no errors, but when I reboot all my rules are gone? Is there a Debian way of doing this? Rather than write my own startup script I want to find out if there's

Re: saving iptables rules?

Jaldhar H. Vyas wrote: On Fri, 11 Jun 2004, Adam Aube wrote: /etc/init.d/iptables save active Except that is just a hold over from old versions of the package. It doesn't exist in new installs. Odd that it would be removed without a suitable replacement provided. Adam -- To

Re: [iptables] rules zwischen subnetzwerken

Am Son, den 04.01.2004 schrieb Michelle Konzack um 17:26: Linux 3.0.38 Öm? Send source... signature.asc Description: Dies ist ein digital signierter Nachrichtenteil

Re: [iptables] rules zwischen subnetzwerken

Am 2004-01-07 23:24:30, schrieb Marcus Fihlon: Am Son, den 04.01.2004 schrieb Michelle Konzack um 17:26: Linux 3.0.38 Öm? Send source... Kannste noch ein paar Jahre warten ? Die Versionsnummer ist bereits fertig entwickelt, aber der Rest der Kernel-Developer kommt mit meiner

[iptables] rules zwischen subnetzwerken

Hallo, da ich bis jetzt auf meinem alten router nur mit Linux 3.0.38 und 'ipfwadm' gearbeitet habe, verstehe ich mit 'iptables' fast nur Bahnhof... Habe folgendes: ppp0ADSLwanadoo.fr eth0 192.168.1.0/26publicnet Web-Server, access-server, DNS, ... eth1

Re: [iptables] rules zwischen subnetzwerken

am Sun, dem 04.01.2004, um 17:26:37 +0100 mailte Michelle Konzack folgendes: Ein iptables-Guru verfügbar ? Guru nun nicht gerade. Also, ich würde in der Inbetriebnahmephase erst einmal zum Schluß aller Regelketten loggen. Dann: ist ip_forward eingeschaltet? Was sagt cat

Re: [iptables] rules zwischen subnetzwerken

Am 2004-01-04 18:07:35, schrieb Andreas Kretschmer: am Sun, dem 04.01.2004, um 17:26:37 +0100 mailte Michelle Konzack folgendes: Ein iptables-Guru verfügbar ? Guru nun nicht gerade. Also, ich würde in der Inbetriebnahmephase erst einmal zum Schluß aller Regelketten loggen. Dann: ist

A bit OT: iptables rules for simple network traffic accounting

I'm using a very simple technique for keeping a count of the traffic volume through my Internet connection, using 2 additional iptables rules and a script run regularly by cron, but the amount of available packages that deal with this issue, involving daemons and whatnot, makes me wonder if my

my guess as to where to put the dialup iptables rules

Regarding Rusty's Really Quick Guide To Packet Filtering /usr/share/doc/iptables/html/packet-filtering-HOWTO.html#toc5 where are we supposed to put that? /etc/network/if-pre-up.d/somefile I suppose. If you tell me to put it in /etc/ppp/ip-up.d I will tell you that it only needs to be run

Re: my guess as to where to put the dialup iptables rules

One thing that you could do, since you've installed iptables, is setup all the chains manually. Then run (as root) /etc/init.d/iptables save active And if you always want them to be the same /etc/init.d/iptables save inactive. This will save the chains so that they start up everytime that you

Re: my guess as to where to put the dialup iptables rules

m == marshal [EMAIL PROTECTED] writes: m One thing that you could do, since you've installed iptables, is setup m all the chains manually. Then run (as root) m /etc/init.d/iptables save active m And if you always want them to be the same m /etc/init.d/iptables save inactive. m This will

Re: iptables rules

Subject: iptables rules Date: Thu, Aug 02, 2001 at 12:18:14PM +1000 In reply to:Renai LeMay Quoting Renai LeMay([EMAIL PROTECTED]): Hi, I'm running 2.4.7 on a workstation machine with sid, and I'd like to set up simple firewalling rules on my machine. From a security

iptables rules

Hi, I'm running 2.4.7 on a workstation machine with sid, and I'd like to set up simple firewalling rules on my machine. From a security point of view, I don't have any services available, they're all disabled, so all I need to be able to do is web browse, check email, irc, icq, etc, while

Re: iptables rules

Renai, Can someone give me some advice on how to setup some simple rules as well as having them refreshed when I restart? I'd be happy to send you my iptables script if you like. But it's really best to craft one yourself so you'll really understand what you are doing along the way. That

Re: iptables rules and open ports

: Monday, February 12, 2001 11:33 PM Subject: iptables rules and open ports I have stand alone workstation withour any network, so I am trying to keep all ports close. I run kernel 2.4 with iptables. Recent scaning (by www.dslreports.com) shows that ports 13,22,37 and 9 are open. Any

Re: iptables rules and open ports

not using them, stop the services or uninstall the packages that are launching them. - Original Message - From: Vadim Kutsyy [EMAIL PROTECTED] To: Debian User debian-user@lists.debian.org Sent: Monday, February 12, 2001 11:33 PM Subject: iptables rules and open ports I have stand

Re: iptables rules and open ports

Vadim Kutsyy wrote: Jason, good idea. I took care about ssh (removed all [K,S]20ssh). Hoever I have no clue what to do with aother ports. port 13: daytime port 37: time port 9: discard Any ideas? Thanks. Those are started by inetd.Comment them in /etc/inetd.conf then ,as root

Re: iptables rules and open ports

port 13: daytime port 37: time port 9: discard Any ideas? Thanks. Those are started by inetd.Comment them in /etc/inetd.conf then ,as root /etc/init.d/inetd restart Thanks, and last question: How to make my computer not pingable? Thanks.

Re: iptables rules and open ports

How to make my computer not pingable? As root, echo 1 /proc/sys/net/ipv4/icmp_echo_ignore_all I don't know what other problems this may lead to, if any, though... Regards Hall

Re: iptables rules and open ports

Check out the packet filtering howto: http://netfilter.samba.org/unreliable-guides/packet-filtering-HOWTO/index.html Section 7 covers fun stuff like avoiding ping-o-death syn-flooding. Wil --- Hall Stevenson [EMAIL PROTECTED] wrote: How to make my computer not pingable? As root, echo

Re: iptables rules and open ports

Wil Reichert wrote: http://netfilter.samba.org/unreliable-guides/packet-filtering-HOWTO/index.html Section 7 covers fun stuff like avoiding ping-o-death syn-flooding. I've seen it (I used Section 5 to create my rules). However, my computer is stand alone workstation without any servers, but

iptables rules and open ports

I have stand alone workstation withour any network, so I am trying to keep all ports close. I run kernel 2.4 with iptables. Recent scaning (by www.dslreports.com) shows that ports 13,22,37 and 9 are open. Any recomendation on how to close them? Thanks. My iptables rulles:

Re: iptables rules and open ports

, 2001 11:33 PM Subject: iptables rules and open ports I have stand alone workstation withour any network, so I am trying to keep all ports close. I run kernel 2.4 with iptables. Recent scaning (by www.dslreports.com) shows that ports 13,22,37 and 9 are open. Any recomendation on how to close

iptables rules

Greetings everyone... I've upgraded to the 2.4.0-test5 kernel, compiled in netfilter, downloaded iptools. As root I can see I have control of the firewall. For example I can put a iptables -A INPUT -j DROP and nothing gets in or out!. heh. This however is not what I am after. Can you fine

RE: iptables rules

Try this: http://www.debiandiary.f2s.com/diary/iptables.html There is a script there called iptables.sh. I believe that is the script I used as a starting point. -- Andrew On 28-Aug-2000 William Jensen wrote: Greetings everyone... I've upgraded to the 2.4.0-test5 kernel, compiled in

RE: iptables rules

Actually, I believe the script I use is based on this one: http://www.linuxhelp.net/guides/davion/iptables-script Woody has an iptables package too, which I am examining now. -- Andrew

[pollywog@shadypond.com: RE: iptables rules]

] Subject: RE: iptables rules In-reply-to: [EMAIL PROTECTED] To: William Jensen [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Reply-to: Pollywog [EMAIL PROTECTED] Organization: The Pond X-Mailer: XFMail 1.4.6 on Linux X-Priority: 3 (Normal) Resent-Message-ID: [EMAIL PROTECTED] Resent-From: debian