[CentOS] filtering ssh regardless of the port

Tue Sep 18 23:16:14 UTC 2007
Ross S. W. Walker <rwalker at medallion.com>

Bazy wrote:
> Hello gentlemen and ladies,
> I am trying to filter ssh traffic regardless of the port the connection
> is opened on. I want to do the same for rlogin and telnet. I know it
> would be easier to use a proxy server and only allow users to access the
> web... but it's more complicated... they also need other ports open...
> and they use public IP addresses.
> Is there any way that I can do it with iptables without having to patch
> the kernel and iptables with l7-filter.sourceforge.net?
> Thank you for your time.

What you are looking for is a way to filter by protocol signature and
I do not think that functionality is in netfilter yet.

Best bet is to just allow the connections to well-known ports or, if it
needs to run over another port, define that explicitly.
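The port-based policy the reply recommends, written out as an added example (this script is not from the list post or from the CentOS project): a default-deny FORWARD chain on a gateway, explicit allows for a list of well-known TCP ports, and explicit host:port exceptions for a service that legitimately listens on a non-standard port. The interface name `eth1` and the sample ports and address are assumptions; the script only prints the `iptables` commands so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example: generate a port-based iptables policy for a gateway.
# Nothing is applied here; the rules are echoed for review. Pipe the
# output to sh on the gateway once it has been checked.

# Hypothetical name: LAN_IF is the interface facing the users' machines.
LAN_IF="${LAN_IF:-eth1}"

# gen_rules ALLOWED_PORTS EXCEPTIONS
#   ALLOWED_PORTS: space-separated well-known TCP ports users may reach
#   EXCEPTIONS:    space-separated host:port pairs for services that
#                  legitimately run on a non-standard port
gen_rules() {
    allowed=$1
    exceptions=$2

    # Default-deny forwarded traffic; everything below is an explicit allow.
    echo "iptables -P FORWARD DROP"
    # Let replies to already-permitted connections through.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"

    # Well-known ports: one allow rule per port.
    for p in $allowed; do
        echo "iptables -A FORWARD -i $LAN_IF -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done

    # Explicit exceptions: only the named host on the named port.
    for e in $exceptions; do
        host=${e%:*}
        port=${e##*:}
        echo "iptables -A FORWARD -i $LAN_IF -p tcp -d $host --dport $port -m state --state NEW -j ACCEPT"
    done

    # New connections to the classic interactive-login ports that were not
    # allowed above are logged before the chain policy drops them
    # (22 = ssh, 23 = telnet, 513 = rlogin).
    echo "iptables -A FORWARD -i $LAN_IF -p tcp -m multiport --dports 22,23,513 -m state --state NEW -j LOG --log-prefix \"blocked-login: \""
}

# Helper for checking the generated ruleset: number of ACCEPT rules.
count_accepts() {
    gen_rules "$1" "$2" | grep -c -- '-j ACCEPT'
}

# Sample invocation with constructed values: ssh and web on their
# well-known ports, plus one host that runs ssh on 2222.
gen_rules "22 80 443" "198.51.100.10:2222"
```

Because the LOG rule sits after the allows, only connections that matched nothing above reach it, so the log shows exactly the login attempts the policy refused. Traffic to an unlisted port still falls through to the DROP policy, which is what keeps ssh, telnet or rlogin from slipping out on an arbitrary port without any protocol inspection.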

