Not going to happen for telnet -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Sr. Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, purge the message from your system and notify the sender immediately. Any other use of the email by you is prohibited. > -----Original Message----- > From: centos-bounces@xxxxxxxxxx > [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of Bazy > Sent: Tuesday, September 18, 2007 16:23 > To: CentOS mailing list > Subject: filtering ssh regardless of the port > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello gentlemen and lady's, > > > I am trying to filter ssh traffic regardless of the port the > connection > is opened on. I want to do the same for rlogin and telnet. I know it > would be easier to use a proxy server and only allow users to > access the > web... but it's more complicated... they also need other ports open... > and they use public IP addresses. > > Is there any way that I can do it with iptables without > having to patch > the kernel and iptables with l7-filter.sourceforge.net? > > Thank you for your time. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFG8DOe7nEMcIvWOSIRAuQNAJ9+0iQZf0GFEioN/6vRuCHxz7+6TACgharb > j9rK16LXwIudeBj/oryLXNI= > =650a > -----END PGP SIGNATURE----- > _______________________________________________ > CentOS mailing list > CentOS@xxxxxxxxxx > http://lists.centos.org/mailman/listinfo/centos > _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos