Re: open port in iptables for specific lenght of time

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I know it's not exactly the same, but have you ever considered 'port
knocking' ?

On Tue, Jun 7, 2011 at 10:33 AM, Steven Buehler <steve@xxxxxxxxxxxx> wrote:

> I have been googling for this and haven't found it.  I know I have seen it
> before and thought that it was an iptables command and not a separate
> script, but I can't remember as it has been a while since I have seen it.
> What I want to do is to open a port on the firewall with iptables for a set
> time, like 5 hours and then after 5 hours, it will close the port again.
> Can anybody point me in the right direction, or if it is a command of
> iptables, maybe post that for me?
>
>
>
> We have a system that is locked down and you have to use a key to get ssh
> access to it.  We have employees and customers that are on dynamic IP's
> that
> keep switching.  They don't have root access.  What I am trying to do is
> create a script that they can log into and it will get their current IP
> address and open the firewall for a specified length of time. Once open,
> they would still have to use their public/private key to ssh into it.  I
> agree this isn't perfect, but it is better than just leaving that port open
> to the world all the time.
>
>
>
> Any help would be appreciated
>
>
>
> thanks
>
> Steve
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>



-- 
-------------------------------------------------------------------------------------------------------------------------------------
NOTICE: This message, including all attachments, is intended for the use of
the individual or entity to which it is addressed and may contain
information that is privileged, confidential and exempt from disclosure
under applicable law. If the reader of this message is not the intended
recipient, or the employee or agent responsible for delivering this message
to its intended recipient, you are hereby notified that any dissemination,
distribution or copying of this communication is strictly prohibited. If you
have received this communication in error, please notify the sender
immediately by replying "Received in error" and immediately delete this
message and all its attachments.
-------------------------------------------------------------------------------------------------------------------------------------
-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list


[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux