Not sure what results you are getting or how you are testing but,

1. A decent tutorial can be found on http://www.siliconvalleyccie.com/linux-hn/iptables-intro.htm. It helped me get the syntax down and it provided me w/ a basis for structuring rules.

2. A good way to test is to start logging traffic to the syslog (/var/log/messages) by trying to send/recv to the various ports. If your log rule catches your dropped packets, you should be able to identify the source/dest ports, IPs, etc...

3. Make sure you have iptables running. Check your init scripts and put Sxxxiptables in the appropriate run level. Then check the rules w/ iptables -L when you think this service is loaded.

4. Manage your rules in a script. This is much easier than writing all of the rules out on the command line. Your first rule should flush (iptables -F) the appropriate tables you are working w/.

You mentioned closing all ports. You should probably let traffic run on at least the loopback. You may already be doing so, but I thought I'd mention it.

I hear shorewall (http://www.shorewall.net/) is nice... I haven't tried it, but others seem to like it. If I have some time, I will give it a go to see what the fuss is about :)

Hope that helps or at least gets you started.

Thanks,
Alejandro

> ----- Original Message -----
> From: "Jesse Millan" <jessem@xxxxxxxxxxxxxxxx>
> To: <redhat-list@xxxxxxxxxx>
> Sent: Tuesday, October 21, 2003 4:30 AM
> Subject: Firewall Configuration in Redhat 9.0
>
> > I've been having some trouble opening and closing ports. Basically, I
> > want to close off all ports except 22 for ssh and 3 other ports to do
> > some testing with openmosix. No matter what I do though, the ports that
> > I want open stay closed and the ports that I want closed are open.
> > (Mostly)
> >
> > Port       State   Service
> > 22/tcp     open    ssh
> > 25/tcp     open    smtp
> > 111/tcp    open    sunrpc
> > 139/tcp    open    netbios-ssn
> > 505/tcp    open    mailbox-lm
> > 631/tcp    open    ipp
> > 885/tcp    open    unknown
> > 4660/tcp   open    unknown
> > 6000/tcp   open    X11
> > 9158/tcp   open    unknown
> > 10000/tcp  open    snet-sensor-mgmt
> > 32768/tcp  open    unknown
> > 32769/tcp  open    unknown
> > 32770/tcp  open    sometimes-rpc3
> >
> > Looks like I don't even have a firewall activated.
> > redhat-config-securitylevel is set to medium. If I change it to high
> > the same ports are open. Trusted device is set to my network card (eth0);
> > nothing is checked except ssh and dhcp. Like I said above, I want a
> > couple other ports open for openmosix but, I have no "other ports"
> > section using redhat-config-securitylevel.
> >
> > Other notes, I have iptables service enabled. It starts at boot. Also, I
> > have tried to use iptables directly i.e. iptables -A INPUT -p tcp ...
> > etc. Still nothing.
> >
> > Thanks in advance.
> >
> > --
> > Jesse Millan
> > CNS Server Team
> > Portland State University
> > Phone: (503) 725-3285
> > Fax: (503) 725-6487
> > GPG key: www.system-calls.com/gpg.php
> >
> > I wouldn't be so paranoid if you weren't all out to get me!!
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list