iptables rc.firewall file
Ive been getting hammered by an MS-SQL Worm propagation attempt, UDP port 1434.
Im trying to block it like this:
/sbin/iptables -A INPUT -p UDP -i eth1 --dport 1434 -s 0/0 -j DROP
My question is, do I need the source (-s 0/0) or could I just leave it out and append the INPUT argument like this:
/sbin/iptables -A INPUT -p UDP -i eth1 --dport 1434 -j DROP
Last edited by chrisknight; 10-26-2003 at 01:41 AM.
|