Re: script firewall

On Tuesday 20 April 2004 8:53 pm, Luis GUSTAVO wrote:

> I'm looking for a firewall script for my ADSL connection, and to share
> my connection.
>
> And I want to block ports 1024:65535

I assume you mean you want to block *incoming* ports (in which case I wonder 
why you only want to block above 1023), so how about this:

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $int_IF -o $ext_IF -j ACCEPT
iptables -A POSTROUTING -t nat -o $ext_IF -j MASQUERADE

Let us know if you have any problems with it, or if there is anything I didn't 
understand from your requirements.

Regards,

Antony.

-- 
Most people have more than the average number of legs.

                                                     Please reply to the list;
                                                           please don't CC me.
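
A fuller form of the script in the message above, as an added example that is not part of the original post: it sets the two interface variables the post leaves undefined (eth0 and ppp0 are assumed names), adds loopback and reply-traffic rules to INPUT so the firewall host itself keeps working under the DROP policy, and enables forwarding last. It prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the original post. Interface names are assumptions.
INT_IF="${INT_IF:-eth0}"   # assumed LAN-side interface
EXT_IF="${EXT_IF:-ppp0}"   # assumed ADSL (PPPoE) interface

# Print the rule set for <internal-if> <external-if>. Empty or odd names are
# refused, so an unset variable cannot turn "-i $int_IF" into a broken rule.
emit_rules() {
    for ifname in "$1" "$2"; do
        case "$ifname" in
            ''|*[!A-Za-z0-9_.+-]*)
                echo "bad interface name: '$ifname'" >&2
                return 1 ;;
        esac
    done
    cat <<EOF
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $1 -o $2 -j ACCEPT
iptables -t nat -A POSTROUTING -o $2 -j MASQUERADE
sysctl -w net.ipv4.ip_forward=1
EOF
}

# Dry run by default: show the commands. APPLY=1 (as root) loads them.
# Forwarding is switched on only after the DROP policies are in place.
rules=$(emit_rules "$INT_IF" "$EXT_IF") || exit 1
if [ "${APPLY:-0}" = 1 ]; then
    printf '%s\n' "$rules" | sh -e
else
    printf '%s\n' "$rules"
fi
```

Nothing here accepts new inbound connections on the external interface, so every incoming port is closed, not only 1024:65535.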