On Thu, 4 Jan 2001, Burke, Thomas G. wrote:
> I know you can block specific hosts, but I'm not sure you can block specific
> ports on those hosts... You wouldn't want to block their server completely,
> as all traffic probably passes through it.
>
> To do that, tho, you can do this:
> $IPCHAINS -A input -l -s XXX.XXX.XXX.XXX -d $EXTERNAL_NET -j DENY
>
> I don't know about blocking a specific port, though...
Same rule, pretty much, but you'll need to add the port (or port range)
and a protocol identifier:
$IPCHAINS -A input -l -p tcp \
    -s XXX.XXX.XXX.XXX fromlo:fromhi \
    -d $EXTERNAL_NET tolo:tohi -j DENY
Where fromlo/fromhi/tolo/tohi are your low and high source and
destination ports.
You will probably want to repeat the rule with '-p udp' to block UDP
access also.
thornton
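
Added example, not part of the original message: a small shell helper that validates the two port ranges and prints the paired TCP and UDP DENY rules in the form given above, without running them. The function names `valid_range` and `deny_rules` are hypothetical, and the default values for `IPCHAINS` and `EXTERNAL_NET` and the sample address in the usage comment are constructed placeholders.

```shell
#!/bin/sh
# Build (do not execute) the TCP and UDP variants of the DENY rule from the
# reply above, so the generated lines can be reviewed before being applied.
# IPCHAINS and EXTERNAL_NET mirror the variables used in the thread; the
# defaults below are constructed placeholders.
IPCHAINS=${IPCHAINS:-/sbin/ipchains}
EXTERNAL_NET=${EXTERNAL_NET:-192.0.2.0/24}

# valid_range LO HI: succeed only if both are integers and 0 <= LO <= HI <= 65535
valid_range() {
    for p in "$1" "$2"; do
        case "$p" in
            ''|*[!0-9]*|??????*) return 1 ;;  # empty, non-digit, or over 5 digits
        esac
    done
    [ "$1" -le "$2" ] && [ "$2" -le 65535 ]
}

# deny_rules SRC FROMLO FROMHI TOLO TOHI: print one rule per protocol
deny_rules() {
    src=$1
    valid_range "$2" "$3" || { echo "bad source port range: $2:$3" >&2; return 1; }
    valid_range "$4" "$5" || { echo "bad destination port range: $4:$5" >&2; return 1; }
    for proto in tcp udp; do
        echo "$IPCHAINS -A input -l -p $proto -s $src $2:$3 -d $EXTERNAL_NET $4:$5 -j DENY"
    done
}

# Usage (constructed values): any source port, destination ports 6000-6063
#   deny_rules 198.51.100.7 0 65535 6000 6063
```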