Re: [gentoo-user] IPTables question... simple as possible for starters

2013-12-31 Thread shawn wilson
On Tue, Dec 31, 2013 at 9:08 AM, Pandu Poluan wrote: > > On Dec 30, 2013 7:31 PM, "shawn wilson" wrote: >> >> Minor additions to what Pandu said... >> >> On Mon, Dec 30, 2013 at 7:02 AM, Pandu Poluan wrote: >> > On Mon, Dec 30, 2013 at 6:07 PM, Tanstaafl >> > wrote: >> >> > The numbers within [

Re: [gentoo-user] IPTables question... simple as possible for starters

2013-12-31 Thread Pandu Poluan
On Dec 30, 2013 7:31 PM, "shawn wilson" wrote: > > Minor additions to what Pandu said... > > On Mon, Dec 30, 2013 at 7:02 AM, Pandu Poluan wrote: > > On Mon, Dec 30, 2013 at 6:07 PM, Tanstaafl wrote: > > > The numbers within [brackets] are statistics/countes. Just replace > > them with [0:0], un

Re: [gentoo-user] IPTables question... simple as possible for starters

2013-12-30 Thread shawn wilson
Minor additions to what Pandu said... On Mon, Dec 30, 2013 at 7:02 AM, Pandu Poluan wrote: > On Mon, Dec 30, 2013 at 6:07 PM, Tanstaafl wrote: > The numbers within [brackets] are statistics/countes. Just replace > them with [0:0], unless you really really really have a good reason to > not star

Re: [gentoo-user] IPTables question... simple as possible for starters

2013-12-30 Thread Pandu Poluan
On Mon, Dec 30, 2013 at 6:07 PM, Tanstaafl wrote: > [-- LE SNIP --] > Ok, well, maybe I should have posted my entire ruleset... > > I have this above where I define my chains: > > # > *filter > :INPUT DROP [0:0] > :FORWARD DROP [0:0] > :OUTPUT DROP [0:0] > # > > Does it matter where this goes? >

Re: [gentoo-user] IPTables question... simple as possible for starters

2013-12-30 Thread Tanstaafl
On 2013-12-29 1:39 PM, shawn wilson wrote: On Sun, Dec 29, 2013 at 1:07 PM, Tanstaafl wrote: Hi all, Ok, I'm setting up a new server, and I'd like to rethink my iptables rules. I'd like to start with something fairly simple: 1. Allow connections from anywhere ONLY to certain ports ie, for

Re: [gentoo-user] IPTables question... simple as possible for starters

2013-12-29 Thread shawn wilson
On Sun, Dec 29, 2013 at 1:07 PM, Tanstaafl wrote: > Hi all, > > Ok, I'm setting up a new server, and I'd like to rethink my iptables rules. > > I'd like to start with something fairly simple: > > 1. Allow connections from anywhere ONLY to certain ports > > ie, for encrypted IMAP/SMTP connections f

[gentoo-user] IPTables question... simple as possible for starters

2013-12-29 Thread Tanstaafl
Hi all, Ok, I'm setting up a new server, and I'd like to rethink my iptables rules. I'd like to start with something fairly simple: 1. Allow connections from anywhere ONLY to certain ports ie, for encrypted IMAP/SMTP connections from users 2. Allow connections from only certain IP addresses t