-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Voytek Eymont wrote: > On Wed, December 27, 2006 12:55 am, Alexander Stanley wrote: > >> G'day guys, >> >> >> In terms of a web-gui you could employ "webmin" ( www.webmin.com >> from memory ). As for a GUI based tool I don't know any that >> work too well. I find manually doing iptables a few times a >> month keeps you in practice :) > > thanks, Alex > > of course, I'll need to open port 10000 somewhow before I can use > that... > > (but, yes, I think I'll install webmin anyhow) > G'day Voytek, The port doesn't have to be port 10,000 actually. On the note of opening port 10,000 (or any port) for webmin, try something like this: # iptables -A INPUT -p tcp --dport 10000 -j ACCEPT Closing the port can be done with: # iptables -D INPUT -p tcp --dport 10000 -j ACCEPT To run these commands you will need to ssh in (so PuTTy looks like a good candidate). I'd suggest you download the latest webmin tarball and configure it to a non-standard port (12435 or something that nobody else would think of it immediately) and/or configure it against your own IP address so that only you can access webmin. This can be done with something like this: # iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx --dport 12435 -j ACCEPT And again, closing is just changing the -A to -D # iptables -D INPUT -p tcp -s xxx.xxx.xxx.xxx --dport 12435 -j ACCEPT I'm a little rusty on the whole thing, but that looks right to me (others feel free to correct me if I'm wrong). Hoo Roo, Alex. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFka9nqiAqtUUyjdYRAkWMAJsGctfJeOOPFBnb4Fyh4gyn1+EHrwCgrgpM cAZ5Udg4d+0V9Q+3XXmJE6A= =WTX2 -----END PGP SIGNATURE----- -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html