Simple firewall script not working for me
I am wanting to lock down all open ports on my Slackware box at home, so I found the following script to use as my iptables firewall. When I start it up it will not let me ssh or ftp to my own computer, the connection just hangs and then times out. I can access the internet fine but no ssh or ftp. Also nmap won't work either, does it not work when you have a firewall running on your machine? Here is the firewall script, can anyone see anything wrong with it? Any help would be greatly appreciated :) Also if anyone could recommend anything that would be better I would be open to any and all suggestions!!
Code:
#!/bin/bash
Are you on a LAN, or just a solitary box? If you have just one box not networked to anything else, I know of a one-liner firewall script that works just dandy for me. It puts me into what grc.com calls "stealth" mode and I can still FTP files. I'm still on dialup, so if you have another way of connecting I don't know if it will work for you. You can try it if you want:
You go into a shell or terminal, su to Root, and type the following:
iptables (then press Enter)
Then type:
/sbin/iptables -A INPUT -p tcp --syn -j DROP (then press Enter)
HTH,
Siri Amrit
Sorry I forgot to mention that this is just a firewall for my sole computer at home. I do not need to do any NAT or anything complex like that, just close up some ports that are sitting open to the world.
So that script of yours doesn't drop anyone from connecting to your open ports, just makes it look like they are closed if they do a port scan? I might try that but I would also like something that will drop packets trying to connect to the ports as well.
It drops the packets. The ports don't appear to be there at all. You can go to grc.com and have them check your ports in the Shields UP tool section of the site.
If that doesn't work for you, you can get a simple iptables gui interface like Guarddog or Firestarter to configure your iptables for you.
HTH,
Siri Amrit
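Added example, not code from any poster in this thread: the one-liner above drops every inbound TCP SYN, including those on the loopback interface, so ssh or ftp to the box itself is blocked too. The sketch below goes a step further and builds a default-drop ruleset in iptables-restore format with explicit exceptions for loopback, replies to outbound traffic, and chosen listening ports. The function name gen_host_rules and the ports used are assumptions for illustration.

```shell
#!/bin/sh
# gen_host_rules PORT...
# Prints an iptables-restore ruleset for a single, non-routing host.
# Returns 1 (and prints nothing on stdout) if any port is invalid.
# Hypothetical helper written for this example.
gen_host_rules() {
    # Validate every port before emitting anything.
    for p in "$@"; do
        case "$p" in
            ''|0*|*[!0-9]*|??????*)
                echo "bad port: $p" >&2
                return 1 ;;
        esac
        if [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2
            return 1
        fi
    done

    printf '%s\n' '*filter'
    # Default policy: drop inbound and forwarded traffic, allow outbound.
    printf '%s\n' ':INPUT DROP [0:0]'
    printf '%s\n' ':FORWARD DROP [0:0]'
    printf '%s\n' ':OUTPUT ACCEPT [0:0]'
    # Loopback: lets the box reach its own services (ssh localhost, etc.).
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    # Replies to connections this host opened (web browsing, DNS, ...).
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # New inbound TCP connections only on the listed ports.
    for p in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --syn --dport $p -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# Typical use, as root:  gen_host_rules 22 21 | iptables-restore
# With no arguments the ruleset accepts no new inbound connections at all.
```

FTP data connections additionally depend on the kernel's FTP connection-tracking helper, so opening port 21 alone may not be enough for transfers to work.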