On Tue, 2003-02-18 at 11:15, Patrick Maartense wrote:
> it would be MUCH better to
>
> iptables -P INPUT DROP # default drop
> then allow only these ports
> iptables -A INPUT -p tcp -m multiport --dport 21,22,80,8080 -j ACCEPT

Sure. Even this little script has to be improved to be accepted as a "firewall script". Stuff like Conntrack, Egress and Ingress Filter are missing. But a short question gets a short answer.

Cheers,

Ralf
--
Ralf Spenneberg
RHCE, RHCX

IPsec/PPTP Kernels for Red Hat Linux: http://www.spenneberg.com/.net/.org/.de
Honeynet Project Mirror: http://honeynet.spenneberg.org
Snort Mirror: http://snort.spenneberg.org
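Added example, not part of the original message or the poster's script: the default-drop idea from the thread extended with the pieces the reply names as missing (connection tracking, a basic ingress anti-spoofing rule, egress filtering), generated in `iptables-restore` format so it loads atomically. The function names and the outbound port lists are assumptions, and the `conntrack` match is used for state tracking.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it does not touch the firewall.
# TCP_IN is the port list from the thread; the outbound lists are assumptions.
TCP_IN="${TCP_IN:-21,22,80,8080}"
TCP_OUT="${TCP_OUT:-25,80,443}"
UDP_OUT="${UDP_OUT:-53,123}"

# multiport accepts at most 15 comma-separated ports, each in 1-65535.
check_ports() {
    n=0; old_ifs=$IFS; IFS=,
    for p in $1; do
        # reject empty, non-numeric or over-long (6+ digit) entries
        case $p in ''|*[!0-9]*|??????*) IFS=$old_ifs; return 1 ;; esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then IFS=$old_ifs; return 1; fi
        n=$((n + 1))
    done
    IFS=$old_ifs
    [ "$n" -ge 1 ] && [ "$n" -le 15 ]
}

emit_ruleset() {
    for list in "$TCP_IN" "$TCP_OUT" "$UDP_OUT"; do
        check_ports "$list" || { echo "bad port list: $list" >&2; return 1; }
    done
    # Policies are DROP on every chain; loopback and replies are accepted first,
    # so only NEW connections are checked against the port lists.
    # FTP data connections match RELATED only when the FTP conntrack helper is loaded.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -s 127.0.0.0/8 -j DROP
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m multiport --dports $TCP_IN -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports $TCP_OUT -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p udp -m multiport --dports $UDP_OUT -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

emit_ruleset   # review the output, then pipe it into iptables-restore as root
```

Loading the whole table in one `iptables-restore` call avoids the window in which a `DROP` policy is active but the accept rules are not yet in place, which is what locks out a remote SSH session when the commands are typed one by one.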