firewall sunexeias
Giorgos Keramidas
keramida at ceid.upatras.gr
Wed Nov 16 09:17:26 EET 2005
On 2005-11-16 08:30, Alex Chontzopoulos <ac at it-cell.com> wrote:
>Giorgos Keramidas wrote:
>>
>> Ti na sou pw... egw de 8a xrhsimopoioysa pote ena toso polyploko
>> ruleset. Oso auksanei h polyplokothta enos pragmatos, toso pio eykola
>> mporei na ginei lathos.
>>
>> Egw 8a protimousa kati san to parakatw se ena script:
>>
>> iptables -F
>>
>> iptables -P INPUT DROP
>> iptables -P FORWARD DROP
>> iptables -P OUTPUT ACCEPT
>>
>> iptables -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
>> iptables -A INPUT -p icmp -j ACCEPT
>>
>> Ayta gia arxh. Ystera mporeis na anoikseis "epilektika" kapoia
>> eiserxomena paketa :)
>
> Na prosthesw mono oti stin alisida INPUT afou bazoume default policy
> DROP tha prepei na afisoume kai ta RELATED kai ESTABLISHED connections
> gia na epistrefoun ta paketa pou bgazoume pros ta exw..
>
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Nai, poly swsta. Sorry pou to ksexasa ayto :)
More information about the Linux-greek-users
mailing list