There ya have it - the solution.
> -----Original Message-----
> From: Thornton Prime [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, January 04, 2001 2:57 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: blackhole firewall rules
>
> On Thu, 4 Jan 2001, Burke, Thomas G. wrote:
>
> > I know you can block specific hosts, but I'm not sure you can block specific
> > ports on those hosts... You wouldn't want to block their server completely,
> > as all traffic probably passes through it.
> >
> > To do that, tho, you can do this:
> > $IPCHAINS -A input -l -s XXX.XXX.XXX.XXX -d $EXTERNAL_NET -j DENY
> >
> > I don't know about blocking a specific port, though...
>
> Same rule, pretty much, but you'll need to add the port (or port range)
> and a protocol identifier:
>
> $IPCHAINS -A input -l -p tcp \
> -s XXX.XXX.XXX.XXX fromlo:fromhi \
> -d $EXTERNAL_NET tolo:tohi -j DENY
>
> Where fromlo/fromhi/tolo/tohi are your low and high source and
> destination ports.
>
> You will probably want to repeat the rule with '-p udp' to block UDP
> access also.
>
> thornton
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
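The rule pair described in the thread above (the same DENY rule once for TCP and once for UDP), as an added example that is not part of the original messages. It only prints the commands for review instead of running them; the function names `valid_range` and `blackhole_rules`, the default `/sbin/ipchains` path, and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints (does not execute) the logged ipchains DENY rules
# from the thread for both TCP and UDP. Names and addresses are constructed.
IPCHAINS="${IPCHAINS:-/sbin/ipchains}"   # assumed default location

# valid_range LO:HI -> status 0 when both ends are 0-65535 and LO <= HI.
# Only the explicit lo:hi form used in the thread is accepted here.
valid_range() {
    case "$1" in
        *[!0-9:]*|*:*:*|:*|*:|"") return 1 ;;   # stray chars, extra or dangling colon
        *:*) ;;                                  # exactly one colon: keep checking
        *) return 1 ;;                           # no colon at all
    esac
    lo=${1%%:*}
    hi=${1##*:}
    # Length cap keeps the numeric comparisons away from shell integer overflow.
    [ "${#lo}" -le 5 ] && [ "${#hi}" -le 5 ] || return 1
    [ "$lo" -le "$hi" ] && [ "$hi" -le 65535 ]
}

# blackhole_rules SRC SRC_PORTS DST DST_PORTS
# Emits one rule per protocol on the input chain; -l logs matching packets.
blackhole_rules() {
    src=$1 sports=$2 dst=$3 dports=$4
    for r in "$sports" "$dports"; do
        valid_range "$r" || { echo "bad port range: $r" >&2; return 1; }
    done
    for proto in tcp udp; do
        echo "$IPCHAINS -A input -l -p $proto -s $src $sports -d $dst $dports -j DENY"
    done
}

# Constructed sample: deny one host's traffic to ports 137-139 on the
# external network, from any source port.
blackhole_rules 192.0.2.10 0:65535 203.0.113.0/24 137:139
```

Review the printed lines, then paste them into the firewall script that already defines `$IPCHAINS` and `$EXTERNAL_NET`.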