Re: ipchains question

2001-08-01 Thread Rogério Brito
On Aug 01 2001, [EMAIL PROTECTED] wrote: > What applications usually try to open a connection from outside? Some common connections that I can think of now are FTP in active mode (but you can get around that by informing your FTP clients to use passive mode) and identd ("

ipchains question

2001-08-01 Thread M . PITZL
Hello all, I have a little question about ipchains. Does it make sense to block all incoming packets with the syn bit set through ipchains -A input -d $localhost 1025:65535 -y -p tcp -i ippp0 -j DENY ? Or will this hurt some non harmful connections too? Another question about this: What applicati

ipchains question

2000-11-07 Thread Eduardo Gargiulo
Hi all. I have a linux box running ipchains and masquerading my internal network. I have a subnet of real IPs. The router is connected to the hub so the REAL subnet is before the firewall, so I can't protect it. I'm thinking of adding an eth to the linux box and connecting the router (with a cross UTP) t

Re: ipchains question

2000-05-10 Thread Oswald Buddenhagen
> The person who said that connections are bi-directional was correct, but > not in saying that you need a complementary output rule for everything that depends on the definition of "complementary rule". ;-) eg, these rules belong together and can be called complementary: #talk-server -A input -s

Re: ipchains question

2000-05-09 Thread Colin Watson
[EMAIL PROTECTED] wrote: >At 10:53 PM 5/9/00 +0100, you wrote: >>"Eric Gillespie, Jr." <[EMAIL PROTECTED]> wrote: >>>ipchains -P input DENY >>>ipchains -I input -p all -s localhost -j ACCEPT >>>ipchains -I input -p icmp -j ACCEPT >>>ipchains -I input -p tcp --dport 113 -j ACCEPT >> >>The person who

Re: ipchains question

2000-05-09 Thread kvaughan
At 10:53 PM 5/9/00 +0100, you wrote: >"Eric Gillespie, Jr." <[EMAIL PROTECTED]> wrote: >>I'd like to set up ipchains so that no one can connect to my >>dialup computer at all except for identd (for IRC). I read the >>Firewall and IPCHAINS howtos, as well as the ipchains man page, >>and it looks like

Re: ipchains question

2000-05-09 Thread Colin Watson
"Eric Gillespie, Jr." <[EMAIL PROTECTED]> wrote: >I'd like to set up ipchains so that no one can connect to my >dialup computer at all except for identd (for IRC). I read the >Firewall and IPCHAINS howtos, as well as the ipchains man page, >and it looks like the following lines should do what I want

Re: ipchains question

2000-05-09 Thread Oswald Buddenhagen
> What am i doing wrong? > you need a complementary input rule for every output rule, because connections are bi-directional. -- Hi! I'm a .signature virus! Copy me into your ~/.signature, please! -- Linux - the last service pack you'll ever need.

ipchains question

2000-05-09 Thread Eric Gillespie, Jr.
I'd like to set up ipchains so that no one can connect to my dialup computer at all except for identd (for IRC). I read the Firewall and IPCHAINS howtos, as well as the ipchains man page, and it looks like the following lines should do what I want: ipchains -P input DENY ipchains -I input -p all -s

Re: firewalling (ipchains) question

1999-08-14 Thread Bernd Eckenfels
On Sat, Aug 14, 1999 at 12:56:20AM +0200, Peter Palfrader aka Weasel wrote: > ipchains -A output -j ACCEPT -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 > ipchains -A input -j ACCEPT -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 You can restrict this to 127/8 and all local addresses. In addition to that you should DENY all i

firewalling (ipchains) question

1999-08-13 Thread Peter Palfrader aka Weasel
Hi! I'm playing around with firewalling a bit and would like to know if I got this little (not real world) task right: I tried to set up the ipchains so that the only thing 'marvin' should be able to do is using smtp with host 'laus'. Is the following correct for my wish? ipchains -P input REJ