[CentOS] iptables rules

Fri Jun 9 22:17:18 UTC 2006
Charles Sliger <chaz at bctonline.com>

Can you send me the iptables script that you run to set up the rules?
It looks like you are defaulting to accept instead of deny.
-chaz

Charles L. Sliger,  Information Systems Engineer,  chaz at bctonline.com
"No matter where you go, there you are..."
 
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf
Of Abd El-Hameed Ayad
Sent: Tuesday, May 23, 2006 6:35 AM
To: centos at centos.org
Subject: [CentOS] iptables rules

Hi,
  I have 2 CentOS servers 82.201.195.123 & 62.139.61.84
I want to deny all ssh logins on port 22 on (62.139.61.84) from any host 
except from (82.201.195.123)


Can anybody tell me such iptables rules to write in /etc/sysconfig/iptables
Currently, im using the following rules (on 62.139.61.84)

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]

-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT

-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -i eth1 -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -s 82.201.195.123 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 22 -j REJECT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

But i found that somebody is bypassing these rules & trying to 
authenticate with unknown (or wrong password)  accounts

Thanx in advance


_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos