Hello,

Now, we want to allow users to use only the following port numbers
(services), but we may need someone to help check and modify the
"rules"...

ipchains -F

ipchains -A input -i eth0 -p tcp --dport 20 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 21 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 22 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 25 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 80 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 53 -j ACCEPT
ipchains -A input -i eth0 -p udp --dport 53 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 110 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 143 -j ACCEPT
ipchains -A input -i eth0 -p tcp --dport 113 -j ACCEPT
ipchains -A input -i eth0 -p udp --dport 113 -j ACCEPT
ipchains -A input -i eth0 -p tcp ! -y -j ACCEPT

ipchains --policy input DENY
ipchains --policy output DENY

ipchains -A output -i eth0 -p tcp --sport 20 -j ACCEPT
ipchains -A output -i eth0 -p tcp --sport 21 -j ACCEPT
ipchains -A output -i eth0 -p tcp --sport 22 -j ACCEPT
ipchains -A output -i eth0 -p tcp --sport 25 -j ACCEPT
ipchains -A output -i eth0 -p tcp --sport 110 -j ACCEPT
ipchains -A output -i eth0 -p tcp --sport 143 -j ACCEPT
ipchains -A output -i eth0 -p tcp --sport 113 -j ACCEPT
ipchains -A output -i eth0 -p udp --sport 113 -j ACCEPT
ipchains -A output -i eth0 -p tcp --sport 80 -j ACCEPT
ipchains -A output -i eth0 -p tcp --sport 53 -j ACCEPT
ipchains -A output -i eth0 -p udp --sport 53 -j ACCEPT
ipchains -A output -i eth0 -p tcp ! -y -j ACCEPT

## Debugging rules.
ipchains -A input -s 0/0 -d 0/0 -l -j REJECT
ipchains -A output -s 0/0 -d 0/0 -l -j REJECT

PS: if we DON'T set "! -y -j ACCEPT", we can't connect to the outside...

Thanks for your help!
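
The input chain above, modelled as an added example (not part of the original post) to show which rule decides each packet. It assumes first-match evaluation, `-y` meaning SYN set with ACK and FIN clear, and all packets arriving on eth0; the helper names and sample packets are constructed for illustration.

```python
# Added example: first-match model of the "input" chain from the post.
# Port rules in the order they were appended with "ipchains -A input".
ACCEPT_PORTS = [("tcp", 20), ("tcp", 21), ("tcp", 22), ("tcp", 25),
                ("tcp", 80), ("tcp", 53), ("udp", 53), ("tcp", 110),
                ("tcp", 143), ("tcp", 113), ("udp", 113)]

def build_input_chain(with_not_syn_rule=True):
    chain = [{"proto": pr, "dport": p, "target": "ACCEPT"}
             for pr, p in ACCEPT_PORTS]
    if with_not_syn_rule:
        # "-p tcp ! -y -j ACCEPT": any TCP packet that is not a pure SYN
        chain.append({"proto": "tcp", "not_syn": True, "target": "ACCEPT"})
    # "-s 0/0 -d 0/0 -l -j REJECT": logging catch-all, matches everything
    chain.append({"target": "REJECT"})
    return chain

def is_syn(flags):
    # Assumed "-y" semantics: SYN set, ACK and FIN cleared.
    return "SYN" in flags and "ACK" not in flags and "FIN" not in flags

def matches(rule, pkt):
    if "proto" in rule and rule["proto"] != pkt["proto"]:
        return False
    if "dport" in rule and rule["dport"] != pkt["dport"]:
        return False
    if rule.get("not_syn") and is_syn(pkt.get("flags", ())):
        return False
    return True

def verdict(chain, pkt, policy="DENY"):
    """Return (target, 1-based rule number); policy applies if none match."""
    for number, rule in enumerate(chain, 1):
        if matches(rule, pkt):
            return rule["target"], number
    return policy, None

# Constructed sample packets (not captured traffic).
SAMPLES = {
    "new connection to tcp/80": {"proto": "tcp", "dport": 80, "flags": {"SYN"}},
    "new connection to tcp/23": {"proto": "tcp", "dport": 23, "flags": {"SYN"}},
    "non-SYN packet to tcp/23": {"proto": "tcp", "dport": 23, "flags": {"ACK"}},
    "reply to local port 1025": {"proto": "tcp", "dport": 1025,
                                 "flags": {"SYN", "ACK"}},
}

if __name__ == "__main__":
    for keep in (True, False):
        print("with '! -y' rule:" if keep else "without '! -y' rule:")
        for name, pkt in SAMPLES.items():
            print("  %-26s %s" % (name, verdict(build_input_chain(keep), pkt)))
```

In this model the port rules only restrict connection-opening SYN packets: the `! -y` rule accepts every other TCP packet regardless of destination port, and the catch-all REJECT rule is always reached before the DENY policy.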




