ipchains
Haralabos (Bob) Tikos
tikos at cis.upenn.edu
Mon May 15 21:48:55 EEST 2000
Antonis Tsolomitis wrote:
>
> > destination 8elei to ssh. Sto source 8a prepe na einai kati san "all"...
> >
> > > ipchains -A input -s 0.0.0.0/0 ssh -p TCP -d 0.0.0.0/0 ssh -j ACCEPT
ssh
Ena paradhgma:
As poume oti arxhizeis me :
/sbin/ipchains -P input REJECT
/sbin/ipchains -P output REJECT
meta:
/sbin/ipchains -A input -j ACCEPT -i $EXTIF -p tcp -s $SECUREHOST/32 -d
$EXTIP/32 ssh
/sbin/ipchains -A input -j ACCEPT -i $EXTIF -p tcp -s $SECUREHOST2/32 -d
$EXTIP/32 ssh
/sbin/ipchains -A output -j ACCEPT -i $EXTIF -p tcp -s $EXTIP/32 ssh -d
$SECUREHOST/32 1023:65535
/sbin/ipchains -A output -j ACCEPT -i $EXTIF -p tcp -s $EXTIP/32 ssh -d
$SECUREHOST2/32 1023:65535
kai telos:
echo " - Final input catch all rule."
/sbin/ipchains -A input -j REJECT -s $UNIVERSE/0 -d $UNIVERSE/0 $LOGGING
echo " - Final output catch all rule."
/sbin/ipchains -A output -j REJECT -s $UNIVERSE/0 -d $UNIVERSE/0
$LOGGING
Opou:
EXTIF : eth[0123] - poia karta einai ekswterikh...
EXTIP : your.external.ip.address....
UNIVERSE : 0
SECUREHOST : kapoio.trusted.ip.address H kai UNIVERSE
Ala opws exei pei arketes fores prin :
RTFM on http://users.dhp.com/~whisper/mason/
arketa kalo gia polous xrhstes (kai mena).
Mpambis.
--
linux-greek-users mailing list -- http://lists.hellug.gr
More information about the Linux-greek-users
mailing list