On Tuesday 20 April 2004 9:21 pm, Luis GUSTAVO wrote:

> but in this machine I have e-mail (25) and (110).

Thanks for mentioning that.  How about

iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 110 -j ACCEPT

Regards,

Antony.

> Antony Stone <Antony@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Tuesday 20 April 2004 8:53 pm, Luis GUSTAVO wrote:
> > I'm looking for a firewall script, for my ADSL connection, and share
> > my connection.
> >
> > And I want to block ports 1024:65535
>
> I assume you mean you want to block *incoming* ports (in which case I
> wonder why you only want to block above 1023), so how about this:
>
> iptables -P INPUT DROP
> iptables -P FORWARD DROP
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A FORWARD -i $int_IF -o $ext_IF -j ACCEPT
> iptables -A POSTROUTING -t nat -o $ext_IF -j MASQUERADE
>
> Let us know if you have any problems with it, or if there is anything I
> didn't understand from your requirements.
>
> Regards,
>
> Antony.

-- 
Microsoft may sell more software than any other company, but McDonald's sell
more burgers than any other company, and I think the other similarities are
obvious...

Please reply to the list; please don't CC me.
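
The rules from this thread gathered into one script, as an added example that is not part of either poster's message. The interface names, the flush, the loopback rule, the INPUT state rule and the ip_forward write are assumptions added here; with the INPUT policy set to DROP, replies to connections the firewall itself opens (DNS lookups, outbound mail) arrive on INPUT and need the state rule.

```shell
#!/bin/sh
# Added example: the thread's rules gathered into one script.
# Assumed (not in the thread): interface names, the flush, the loopback
# rule, the INPUT state rule and the ip_forward write.
int_IF="${int_IF:-eth0}"              # LAN side (assumed name)
ext_IF="${ext_IF:-ppp0}"              # ADSL side (assumed name)
MAIL_PORTS="${MAIL_PORTS:-25 110}"    # SMTP and POP3, as asked in the thread

# Print the ruleset, one iptables command per line.
gen_rules() {
    echo "iptables -F"
    echo "iptables -t nat -F"
    echo "iptables -P INPUT DROP"
    echo "iptables -P FORWARD DROP"
    # Local services talk to each other over loopback.
    echo "iptables -A INPUT -i lo -j ACCEPT"
    # Replies to connections this host opened itself; without this rule
    # the INPUT DROP policy discards them.
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for port in $MAIL_PORTS; do
        echo "iptables -A INPUT -p tcp --dport $port -j ACCEPT"
    done
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -i $int_IF -o $ext_IF -j ACCEPT"
    echo "iptables -A POSTROUTING -t nat -o $ext_IF -j MASQUERADE"
}

# Run the generated commands (root required), then enable routing so the
# LAN can share the connection.
apply_rules() {
    gen_rules | while read -r cmd; do
        $cmd || exit 1
    done || return 1
    echo 1 > /proc/sys/net/ipv4/ip_forward
}

# Default is a dry run that only prints; set APPLY=1 to load the rules.
if [ "${APPLY:-0}" = 1 ]; then
    apply_rules
else
    gen_rules
fi
```

Run it once without APPLY to review the printed commands, then as root with APPLY=1 to load them.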