Would this rule ensure that only port 80 can be used with tcp?

ACCEPT all $FW tcp www

Policy file is:

#SOURCE DEST            POLICY          LOGLEVEL        RATE    CONNLIMIT
$FW     net             ACCEPT
net     all             DROP            info

all     all             DROP            info

thanks

Justin Pryzby <pry...@telsasoft.com> wrote:

On Sat, May 16, 2020 at 09:23:36AM -0400, merlinverde...@infomed.sld.cu wrote:
How can I implement the following rules:

iptables -A INPUT -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --sport 80 -m state --state NEW,ESTABLISHED -j ACCEPT

Probably you'd just handle NEW and allow connection tracking to handle
ESTABLISHED:

ACCEPT all $FW tcp www

I cannot find examples about the use of NEW,ESTABLISHED in Shorewall.

https://shorewall.org/manpages/shorewall-rules.html

--
Justin


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users




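Added example, not part of the original thread and not Shorewall's own code: a simplified Python model of how the rule and policy file quoted above decide a connection, with connection tracking handling ESTABLISHED traffic as the reply describes. The function names, the SERVICES table, the sample connections and the final fallback are assumptions made for illustration, and intra-zone traffic is not modelled.

```python
# Simplified model (an assumption, not Shorewall's code) of how a NEW
# connection is decided: rules first, then the first matching policy line.
SERVICES = {"www": 80}  # "www" is the /etc/services name for tcp port 80

# Rule from the thread: ACTION SOURCE DEST PROTO DPORT
RULES = [("ACCEPT", "all", "$FW", "tcp", "www")]

# Policy file from the thread: SOURCE DEST POLICY
POLICIES = [
    ("$FW", "net", "ACCEPT"),
    ("net", "all", "DROP"),
    ("all", "all", "DROP"),
]

def zone_matches(pattern, zone):
    """'all' is a wildcard; otherwise the zone name must match exactly."""
    return pattern == "all" or pattern == zone

def verdict(src, dst, proto, dport, state="NEW"):
    """Return (action, reason) for one packet in this model."""
    # Connection tracking accepts packets of connections that were already
    # allowed, so the rules only have to describe NEW connections.
    if state in ("ESTABLISHED", "RELATED"):
        return ("ACCEPT", "conntrack")
    for action, r_src, r_dst, r_proto, r_port in RULES:
        if (zone_matches(r_src, src) and zone_matches(r_dst, dst)
                and r_proto == proto
                and SERVICES.get(r_port, r_port) == dport):
            return (action, "rule")
    for p_src, p_dst, action in POLICIES:
        if zone_matches(p_src, src) and zone_matches(p_dst, dst):
            return (action, "policy %s->%s" % (p_src, p_dst))
    return ("DROP", "no policy")  # model-only fallback

# Constructed sample connections: (source, dest, proto, dport, state)
SAMPLES = [
    ("net", "$FW", "tcp", 80, "NEW"),             # inbound web: the rule
    ("net", "$FW", "tcp", 22, "NEW"),             # inbound other port
    ("$FW", "net", "tcp", 443, "NEW"),            # outbound from firewall
    ("net", "$FW", "tcp", 51000, "ESTABLISHED"),  # reply to outbound
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", verdict(*sample))
```

In this model the rule limits new inbound TCP connections to the firewall to port 80, while the `$FW net ACCEPT` policy still lets the firewall open outbound connections on any port.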