how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports
Am 23.04.2010 20:31, schrieb cahit Eyigünlü:
how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports
http://wiki.centos.org/HowTos/Network/IPTables
Alexander
how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports
Wow Cahit, you are a sucker for punishment buddy:) First, post in text, then do a smidge of reading first... `man iptables` or google?
I am guessing your iptables are stock as install left them? You might try `system-config-security-level-tui` which can actually be scripted, or you can issue low level commands like:
iptables -I RH-Firewall-1-INPUT -m state --state NEW -m multiport -p tcp -s 10.0.0.0/24 -d 10.0.0.0/24 --dports xxx,yyy,zzz -j ACCEPT
etc etc etc
Have a look at shorewall (google it) for the best thing I've ever seen for managing a Linux firewall
2010/4/23 cahit Eyigünlü cahit.eyigunlu@gmail.com:
how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Fri, 2010-04-23 at 18:16 -0400, Alan McKay wrote:
Have a look at shorewall (google it) for the best thing I've ever seen for managing a Linux firewall
I agree about Shorewall. I've been using it for several years, and it does take a lot of the pain out of managing iptables.
That being said, I will add my voice to the others on this list that point out that the OP's mods to /etc/sysconfig/iptables are very dangerous, and indicate a lack of understanding of how iptables and network security actually operate. Some study of basic principles and best practices is essential to managing a firewall configuration, regardless of the tool that is used.
My $0.02 (US) worth for today.
2010/4/23 cahit Eyigünlü cahit.eyigunlu@gmail.com:
how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports
Wow i see it is very cool, and now i am starting to use it also :) +1 from me too :) thanks to every body for all help
2010/4/24 Ron Loftin reloftin@twcny.rr.com
On Fri, 2010-04-23 at 18:16 -0400, Alan McKay wrote:
Have a look at shorewall (google it) for the best thing I've ever seen for managing a Linux firewall
I agree about Shorewall. I've been using it for several years, and it does take a lot of the pain out of managing iptables.
That being said, I will add my voice to the others on this list that point out that the OP's mods to /etc/sysconfig/iptables are very dangerous, and indicate a lack of understanding of how iptables and network security actually operate. Some study of basic principles and best practices is essential to managing a firewall configuration, regardless of the tool that is used.
My $0.02 (US) worth for today.
2010/4/23 cahit Eyigünlü cahit.eyigunlu@gmail.com:
how could i add / remove iptable rules on cet os 5.4 final for tcp /
udp
base on ports
-- Ron Loftin reloftin@twcny.rr.com
"God, root, what is difference ?" Piter from UserFriendly
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I have installed shorewall at late last night and i forget it today i've restart my server now i am not able to connect it :D is there any way to connect shorewall ?
24 Nisan 2010 01:44 tarihinde cahit Eyigünlü cahit.eyigunlu@gmail.comyazdı:
Wow i see it is very cool, and now i am starting to use it also :) +1 from me too :) thanks to every body for all help
2010/4/24 Ron Loftin reloftin@twcny.rr.com
On Fri, 2010-04-23 at 18:16 -0400, Alan McKay wrote:
Have a look at shorewall (google it) for the best thing I've ever seen for managing a Linux firewall
I agree about Shorewall. I've been using it for several years, and it does take a lot of the pain out of managing iptables.
That being said, I will add my voice to the others on this list that point out that the OP's mods to /etc/sysconfig/iptables are very dangerous, and indicate a lack of understanding of how iptables and network security actually operate. Some study of basic principles and best practices is essential to managing a firewall configuration, regardless of the tool that is used.
My $0.02 (US) worth for today.
2010/4/23 cahit Eyigünlü cahit.eyigunlu@gmail.com:
how could i add / remove iptable rules on cet os 5.4 final for tcp /
udp
base on ports
-- Ron Loftin reloftin@twcny.rr.com
"God, root, what is difference ?" Piter from UserFriendly
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
cahit Eyigünlü sent a missive on 2010-04-24:
I have installed shorewall at late last night and i forget it today i've restart my server now i am not able to connect it :D is there any way to connect shorewall ?
If you have locked yourself out then you'll need to have physical access to the machine and log in using the console.
You may also be interested in a linux based firewall such as IPCOP. http://www.ipcop.org or http://sourceforge.net/apps/trac/ipcop/wiki, but this will turn the machine into a dedicated firewall.
Problem is different problem grub load error 2 unfortunatelly
2010/4/24 Simon Billis simon@houxou.com
cahit Eyigünlü sent a missive on 2010-04-24:
I have installed shorewall at late last night and i forget it today i've restart my server now i am not able to connect it :D is there any way to connect shorewall ?
If you have locked yourself out then you'll need to have physical access to the machine and log in using the console.
You may also be interested in a linux based firewall such as IPCOP. http://www.ipcop.org or http://sourceforge.net/apps/trac/ipcop/wiki, but this will turn the machine into a dedicated firewall.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Alan McKay -
Alexander Dalloz -
cahit Eyigünlü -
Joseph L. Casale -
Ron Loftin -
Simon Billis -
Steve Thompson