Can you send me the iptables script that you run to set up the rules?
It looks like you are defaulting to accept instead of deny.
-chaz
Charles L. Sliger, Information Systems Engineer, chaz@xxxxxxxxxxxxx
"No matter where you go, there you are..."
-----Original Message-----
From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On Behalf
Of Abd El-Hameed Ayad
Sent: Tuesday, May 23, 2006 6:35 AM
To: centos@xxxxxxxxxx
Subject: [CentOS] iptables rules
Hi,
I have 2 CentOS servers 82.201.195.123 & 62.139.61.84
I want to deny all ssh logins on port 22 on (62.139.61.84) from any host
except from (82.201.195.123)
Can anybody tell me such iptables rules to write in /etc/sysconfig/iptables
Currently, im using the following rules (on 62.139.61.84)
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -i eth1 -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -s 82.201.195.123 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 22 -j REJECT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
But i found that somebody is bypassing these rules & trying to
authenticate with unknown (or wrong password) accounts
Thanx in advance
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
