Elvir Kuric wrote:
On 6/4/07, Marc Haber <mh+netfilter@xxxxxxxxxxxx> wrote:
On Mon, Jun 04, 2007 at 01:37:07PM +0200, Elvir Kuric wrote:
> I am interested in one thing: is it possible, using iptables software, to
> limit a particular application/protocol to use/bind to particular ports?
I think this is application and not netfilter specific. You may only be
able to use the owner match.
But if it is good for you ??? I do not know !!!! :D
You can DROP/REJECT packets that came from a disabled port/application
but you can not disable the bind function on a specific port to an
application.
Why do you want to do that?
:) I want to control which ports are open in output chain. Testing,
exploring.
I know it is not important which ports are open in output chain,
usually putting output policy to accept.
AFAIK, this has only meaning in the lower range of ports... (0-1023)
> For example I want to send all requests from my machine using ports I
> specify, not random ones,
Why?
> or accept ping echo-reply on specific ports.
Please get your facts straight. ICMP does not have ports.
ICMP was just example, first on my mind in that moment :)
TCP,UDP... Many things to think about :D
Regards
Elvir Kuric
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mail address in header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190
Swifty
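
The owner match and REJECT approach mentioned in the thread, as an added example that is not part of any poster's message: a shell function that prints an iptables-restore fragment rejecting locally generated TCP/UDP packets from one user unless the source port is in an allowed range. The function name `owner_sport_rules`, uid 1001 and the range 40000:40100 are constructed assumptions; as noted in the thread, such rules only filter packets and do not stop the application from binding to a port.

```shell
#!/bin/sh
# Added example (not from the thread). Sample values are constructed.
# The owner match is only valid in OUTPUT/POSTROUTING, because it matches
# the socket owner of locally generated packets.

# owner_sport_rules UID LOW HIGH
# Print filter-table rules in iptables-restore format: packets owned by UID
# are rejected unless their TCP/UDP source port lies within LOW:HIGH.
owner_sport_rules() {
    uid=$1 low=$2 high=$3

    # Refuse anything that is not a plain decimal number, so the emitted
    # rule text can never contain unexpected iptables options.
    for v in "$uid" "$low" "$high"; do
        case $v in
            ''|*[!0-9]*) echo "numeric uid and ports required" >&2; return 1 ;;
        esac
    done
    if [ "$low" -lt 1 ] || [ "$high" -gt 65535 ] || [ "$low" -gt "$high" ]; then
        echo "invalid port range $low:$high" >&2
        return 1
    fi

    echo "*filter"
    for proto in tcp udp; do
        # "! --sport" inverts the match: everything OUTSIDE the range is hit.
        echo "-A OUTPUT -p $proto -m $proto ! --sport $low:$high -m owner --uid-owner $uid -j REJECT"
    done
    echo "COMMIT"
}

# Print the fragment for the constructed sample values. To load it (as root):
#   owner_sport_rules 1001 40000 40100 | iptables-restore --noflush
owner_sport_rules 1001 40000 40100
```

The rules cover TCP and UDP only; ICMP has no ports, so a source-port match does not apply to it.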