Quoting dman <[EMAIL PROTECTED]>:

> On Sun, Sep 02, 2001 at 10:10:25AM -0700, Mike Egglestone wrote:
> | Hi all,
> |
> | What would be a good ipchains command to block all tcp traffic
> | to and from a box except "ssh"?
> | I have a box that will only be running rsync thru ssh.
> |
> | This is what I tried, but I don't think it worked.
> |
> | ipchains -I input -p tcp -s 0/0 -d 0/0 ! ssh -j DENY
>
> What you need to do is specify the port to allow, somehow. ssh uses
> port 22 unless you do something strange to make it use a different
> port.
>
> With iptables I use the command:
>
> iptables -A INPUT -p tcp --dport ssh -j ACCEPT
>
> This says that in the input chain, for tcp packets, if the port number
> matches ssh in /etc/services then accept the packet regardless of IP
> addresses. Hopefully this will give you a pointer towards the
> necessary ipchains options. You may need to specify an integer rather
> than a name defined in /etc/services for ipchains, I don't know for
> sure.
>
> -D

Hi..

My ssh is running on port 22. I figured my original ipchains command
would block everything except ssh (thus I used the "!" with ssh).
Do you think it's best to change the state of the input chain to DENY
and then just allow ssh?

Thanks
Mike
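As an added example (not code from this thread), a small Python model of ipchains-style stateless, first-match filtering that compares Mike's single negated DENY rule with the default-deny policy he asks about. It assumes the box is the ssh server (so replies leave with source port 22), and the packets it checks are constructed.

```python
"""Model of ipchains first-match chains: first matching rule decides, otherwise
the chain policy applies. ipchains has no connection tracking, so a default-deny
output chain must explicitly let the server's replies (source port 22) back out.
Constructed example; the rulesets it models would be, on a real box:
  ipchains -I input -p tcp -s 0/0 -d 0/0 ! 22 -j DENY          (negated rule)
  ipchains -P input DENY;  ipchains -A input  -p tcp -d 0/0 22 -j ACCEPT
  ipchains -P output DENY; ipchains -A output -p tcp -s 0/0 22 -j ACCEPT
"""
from dataclasses import dataclass, field
from typing import Optional

SSH = 22

@dataclass
class Rule:
    target: str                    # "ACCEPT" or "DENY"
    proto: Optional[str] = None    # "tcp", "udp", or None for any protocol
    sport: Optional[int] = None    # required source port, if any
    dport: Optional[int] = None    # required destination port, if any
    negate_dport: bool = False     # ipchains "-d addr ! port": match when port differs

    def matches(self, pkt):
        if self.proto and pkt["proto"] != self.proto:
            return False
        if self.sport is not None and pkt["sport"] != self.sport:
            return False
        if self.dport is not None and (pkt["dport"] == self.dport) == self.negate_dport:
            return False           # port equality must agree with (not) negated
        return True

@dataclass
class Chain:
    policy: str = "ACCEPT"         # ipchains default policy is ACCEPT
    rules: list = field(default_factory=list)

    def verdict(self, pkt):
        for rule in self.rules:    # first match wins
            if rule.matches(pkt):
                return rule.target
        return self.policy

def negated_deny_rule():
    """Mike's approach: one DENY for tcp not aimed at port 22; output untouched."""
    return {"input": Chain(rules=[Rule("DENY", proto="tcp", dport=SSH, negate_dport=True)]),
            "output": Chain()}

def default_deny_ruleset():
    """Policy DENY on both chains, then allow only ssh in and its replies out."""
    return {"input": Chain("DENY", [Rule("ACCEPT", proto="tcp", dport=SSH)]),
            "output": Chain("DENY", [Rule("ACCEPT", proto="tcp", sport=SSH)])}

def check(ruleset, pkt, chain):
    """Return the verdict a given chain of the ruleset gives for a packet."""
    return ruleset[chain].verdict(pkt)
```

Both rulesets admit inbound ssh and drop other inbound tcp, but only the default-deny version also stops the box from opening new tcp connections outward, which is the "to and from" requirement in the original question.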