|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
On 28 Dec 2000 12:24:48 -0800, Inkdog.com Staff wrote:
> Seasons Greetings all!
>
> I have been messing around with IPChains recently.. as I have a masqing set
> up on a LAN... and a few computers on the net. My goal here is to stop
> packets going to ports 1024 and over. So all the clients can send and
> recive email and surf the net.
>
> That is all that is required at this place... so I tried these commands...
> and I stopped ALL packets to the clients.
>
> ipchains -A input -p tcp -s 0/0 ! 0:1024 -j REJECT
>
> ipchains -A output -p tcp -d 0/0 ! 0:1024 -j REJECT
>
> ipchains -A input -p udp -s 0/0 ! 0:1024 -j REJECT
>
> ipchains -A output -p udp -s 0/0 ! 0:1024 -j REJECT
>
> Again... I am tryin to deny service to all non basic ports.. (AOL IM.. ICQ
> stuff like that.. or enable it on a port by port basis... instead of the
> whole range being open)
>
> Also... if someone know how to reset the ipchains rule set without me having
> to reboot the machine.. that would be helpful.
ipchains input -f (for flush, or clear out this chain)
>
> If ya need more details let me know.. thanks and I hope everyone is having a
> SAFE and fun holiday season
>
> Anthony
>
>
> ______________________________________________________________________
> Philadelphia Linux Users Group - http://www.phillylinux.org
> Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
> General Discussion - http://lists.phillylinux.org/mail/listinfo/plug
>
>
--
------------------------------------------------------------------
Michael J. Leone <mailto:turgon@mike-leone.com>
PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug
|