allowed ports in TCP/IP on RH 7.0

Michal Vymazal gandalf at mbox.vol.cz
Thu Jan 10 17:51:50 CET 2002


Lukas Novak wrote:

> Do you know where blocking and allowing of ports is configured? I
> understand configuring the available services, but I don't know about ports.
> 
> Lukas Novak
Hello,
With ipchains, for example like this:
EXTERNAL_INTERFACE="ppp0" # Internet connected interface
LOCAL_INTERFACE_1="eth0" # Internal LAN interface
LOOPBACK_INTERFACE="127.0.0.1" # Your local naming convention
# Each rule matches packets arriving on the external interface for the
# given destination port; -j DENY drops them and -l logs the match.
# ftp
ipchains -A input -p TCP -i $EXTERNAL_INTERFACE -s ! $LOOPBACK_INTERFACE -d 0.0.0.0/0 21 -j DENY -l
ipchains -A input -p UDP -i $EXTERNAL_INTERFACE -s ! $LOOPBACK_INTERFACE -d 0.0.0.0/0 21 -j DENY -l
# ssh
ipchains -A input -p TCP -i $EXTERNAL_INTERFACE -s ! $LOOPBACK_INTERFACE -d 0.0.0.0/0 22 -j DENY -l
ipchains -A input -p UDP -i $EXTERNAL_INTERFACE -s ! $LOOPBACK_INTERFACE -d 0.0.0.0/0 22 -j DENY -l
# telnet
ipchains -A input -p TCP -i $EXTERNAL_INTERFACE -s ! $LOOPBACK_INTERFACE -d 0.0.0.0/0 23 -j DENY -l
ipchains -A input -p UDP -i $EXTERNAL_INTERFACE -s ! $LOOPBACK_INTERFACE -d 0.0.0.0/0 23 -j DENY -l

You can also use iptables.

Michal Vymazal
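
The ipchains rules from the reply above, translated to iptables syntax. This is an added example, not part of the original post; the names build_rules, LOGDROP, LOOPBACK_ADDR, PORTS and APPLY are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example: iptables equivalent of the ipchains rules in the post.
EXTERNAL_INTERFACE="ppp0"   # same value as in the post
LOOPBACK_ADDR="127.0.0.1"   # the post calls this LOOPBACK_INTERFACE
PORTS="21 22 23"            # ftp, ssh, telnet, as in the post

# Print the rule set as iptables commands; nothing is applied here.
build_rules() {
    # ipchains "-j DENY -l" means: log the packet, then drop it silently.
    # iptables has no -l flag; logging is a separate LOG target, so a
    # user-defined chain (LOGDROP, a name chosen here) does both steps.
    echo "iptables -N LOGDROP"
    echo "iptables -A LOGDROP -j LOG --log-prefix 'denied: '"
    echo "iptables -A LOGDROP -j DROP"
    for port in $PORTS; do
        for proto in tcp udp; do
            # Differences from ipchains: the chain is INPUT (upper case),
            # the port goes in --dport, and "!" precedes the -s option.
            echo "iptables -A INPUT -i $EXTERNAL_INTERFACE -p $proto ! -s $LOOPBACK_ADDR --dport $port -j LOGDROP"
        done
    done
}

# Dry run by default; APPLY=1 (run as root) executes the printed commands.
if [ "${APPLY:-0}" = "1" ]; then
    build_rules | sh -e
else
    build_rules
fi
```

After applying, `iptables -L INPUT -n -v` lists the rules together with their packet counters, which shows whether they are matching traffic.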

