On Aug 01 2001, [EMAIL PROTECTED] wrote:
> What applications usually try to open a connection from outside?
Some common connections that I can think of now are FTP in
active mode does (but you can get around that informing your
FTP clients to use passive mode) and identd ("
> The person who said that connections are bi-directional was correct, but
> not in saying that you need a complementary output rule for everything
that depends on the definition of "complementary rule". ;-)
eg, these rules belong together and can be called complementary:
#talk-server
-A input -s
[EMAIL PROTECTED] wrote:
>At 10:53 PM 5/9/00 +0100, you wrote:
>>"Eric Gillespie, Jr." <[EMAIL PROTECTED]> wrote:
>>>ipchains -P input DENY
>>>ipchains -I input -p all -s localhost -j ACCEPT
>>>ipchains -I input -p icmp -j ACCEPT
>>>ipchains -I input -p tcp --dport 113 -j ACCEPT
>>
>>The person who
At 10:53 PM 5/9/00 +0100, you wrote:
>"Eric Gillespie, Jr." <[EMAIL PROTECTED]> wrote:
>>I'd like to set up ipchains so that no on can connect to my
>>dialup computer at all except for identd (for IRC). I read the
>>Firewall and IPCHAINS howtos, as well as the ipchains man page,
>>and it looks like
"Eric Gillespie, Jr." <[EMAIL PROTECTED]> wrote:
>I'd like to set up ipchains so that no on can connect to my
>dialup computer at all except for identd (for IRC). I read the
>Firewall and IPCHAINS howtos, as well as the ipchains man page,
>and it looks like the following lines should do what i want
> What am i doing wrong?
>
you need a complementary input rule for every output rule, because
connections are bi-directional.
--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Linux - the last service pack you'll ever need.
6 matches
Mail list logo
