<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-7">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Katarxin kali xronia se oloys,oi thermoteres efxes
gia ena eftixismeno kai apodotiko 2004. To provlima poy
antimetopizo einai to eksis katafera ston ipologisti moy ( slackware 9.1 P2 @
400 64MB RAM ) na kano compile ton httpd 2.0.48 kai edosa tin entoli apachectl
start gia na ksekinisi. Dokimazo na do ton server apo kapoion allon
ipologisti dinontas gia url to hostname kai tzifos... ston idio ton server
dokimasa lynx localost kai doyleve ara psiliastika oti to provlima egkeitai
kapoy sto firewall kai to 100(x)elegksa kai den boro na vro poy einai to
provlima.Dokimasa na katevaso to firewall teleios kai fisika o allos ipologistis
ton eide kanonika.To configuration toy firewall einai to eksis:</FONT></DIV>
<DIV><FONT face=Arial size=2>iptables --flush<BR>iptables -X<BR>iptables
-F<BR>iptables -Z<BR>iptables --policy INPUT DROP<BR>iptables --policy
OUTPUT DROP #efault,kopsimo<BR>iptables --policy FORWARD DROP #
default,kopsimo</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>#To lo ta dexete ola.<BR>iptables -A INPUT -p tcp
--dport 22 -j ACCEPT<BR>iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -i lo -j
ACCEPT<BR>iptables -A INPUT -m state --state ESTABLISHED,RELATED,NEW -j
ACCEPT<BR>iptables -A INPUT -p icmp -j REJECT --reject-with
icmp-host-unreachable<BR></FONT></DIV>
<DIV><FONT face=Arial size=2>iptables -A OUTPUT -s 127.0.0.1 -d 127.0.0.1 -j
ACCEPT<BR>iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT #SSH<BR>iptables -A
OUTPUT -p tcp --dport 80 -j ACCEPT #HTTP<BR>iptables -A OUTPUT -p tcp --dport
443 -j ACCEPT #HTTPS<BR>iptables -A OUTPUT -p tcp --dport 110 -j ACCEPT
#POP3<BR>iptables -A OUTPUT -p tcp --dport 25 -j ACCEPT #SMTP<BR>iptables
-A OUTPUT -p udp --dport 53 -j ACCEPT #dns<BR>iptables -A OUTPUT -p tcp
--dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT<BR>iptables -A OUTPUT -p
tcp --dport 20 -m state --state ESTABLISHED -j ACCEPT <BR>iptables -A OUTPUT -p
tcp --sport 1024: --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT
<BR>iptables -A OUTPUT -p icmp -j ACCEPT<BR></DIV></FONT></BODY></HTML>