Re: ipcheins and ports above 1024!

Mon, 23 Apr 2001 10:56:29 -0700 

you were right, it is already working? ! -y
By the way, do you know which is the response port of FTP protocol? When I
make a connection to a FTP server, it seems to send a response back to the
client, does anybody knows which is this port?

----- Original Message -----
From: "Gustav Schaffter" <[EMAIL PROTECTED]>
To: <>
Sent: Friday, April 20, 2001 12:16 PM
Subject: Re: ipcheins and ports above 1024!


> Not sure if you made a typo when writing your mail or if you actually
> made the mistake when entering the ipchains rule.
>
> I think you must have a space between the '!' and the '-y'. Like in '!
> -y'.
>
> HTH
> Gustav
>
> "Ing. Israel Garcia Alvarez" wrote:
> >
> > Helo:
> >
> > I have a RedHat 6.2 Server with two ethernet cards splitting my network
and
> > have ipchains on it. I configured my own rules to access my servers
under
> > 1024 port, but if I dont let ports open above 1024, I have no response
to
> > request from my servers. My question is, How can I let ports above 1024
open
> > (only to receive responses of request) but not to allow any connection
from
> > outside (type SYNC)? I tried with !-y but without any success.
> > I used this rule without success:
> > ipchins -A input -p tcp -s 0.0.0.0/0 -d $My_server -i eth0 !-y -j ACCEPT
> >
> > If I put this rule everuything is fine:
> > ipchains -A input -s 0.0.0.0/0 -d My_server -j ACCEPT 1000:65535
> > But it's dangerous.
> > What can I do? Let this ports open or I have any bad configuration in my
> > rules?
> > Thnsk you in advance
> >
> > Best regards.
> > Israel Garcia Alvarez
> > Admin Capiro Villa Clara
> > Cuba
>
> --
> pgp = Pretty Good Privacy.
>
> To get my public pgp key, send an e-mail to: [EMAIL PROTECTED]
>
> Visit my web site at http://www.schaffter.com
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
>



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to