01-12-2005, 03:13 AM   #1
Manuel-H
Member
 
Registered: Apr 2003
Location: Singapore
Distribution: Slackware32/64, Ubuntu, Fedora, RHEL
Posts: 138

Rep: Reputation: 15
Block FORWARD Rules


Hi there,

I am trying to block all outgoing traffic (via the iptables FORWARD chain) and allow only certain common ports to open (e.g. 22, 25, 80, 110, etc.)

The problem is that when I download via the browser, the ports are always dynamic ports, so I am always unable to download unless I allow it.
How can I solve this problem?

Below is my log file
***************
Jan 12 17:02:49 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.x.x.10 DST=203.126.164.142 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55643 DF PROTO=TCP SPT=1779 DPT=3895 WINDOW=64512 RES=0x00 SYN URGP=0
Jan 12 17:03:02 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.x.x.10 DST=203.126.164.142 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55876 DF PROTO=TCP SPT=1781 DPT=3896 WINDOW=64512 RES=0x00 SYN URGP=0
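
Added example, not part of the original post: a small Python parser for the netfilter LOG lines above that lists which destination ports new outbound TCP connections are being dropped on, per source and destination. The first two sample lines are the ones from the post; the third is constructed (documentation addresses) to show a non-SYN packet being skipped.

```python
from collections import defaultdict

# Lines 1-2 are from the post; line 3 is constructed for illustration.
SAMPLE_LOG = """\
Jan 12 17:02:49 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.x.x.10 DST=203.126.164.142 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55643 DF PROTO=TCP SPT=1779 DPT=3895 WINDOW=64512 RES=0x00 SYN URGP=0
Jan 12 17:03:02 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.x.x.10 DST=203.126.164.142 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55876 DF PROTO=TCP SPT=1781 DPT=3896 WINDOW=64512 RES=0x00 SYN URGP=0
Jan 12 17:03:05 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=55900 DF PROTO=TCP SPT=1790 DPT=80 WINDOW=64512 RES=0x00 ACK URGP=0
"""

PREFIX = "FWD denied:"  # the log prefix string seen in the post's log


def parse_line(line):
    """Split one netfilter LOG line into (fields, flags); None if not ours."""
    _, sep, body = line.partition(PREFIX)
    if not sep:
        return None
    fields, flags = {}, set()
    for token in body.split():
        key, eq, value = token.partition("=")
        if eq:
            fields[key] = value      # KEY=value pairs: SRC, DST, DPT, ...
        else:
            flags.add(token)         # bare tokens: DF, SYN, ACK, ...
    return fields, flags


def denied_new_connections(log_text):
    """Map (SRC, DST) -> sorted destination ports of denied TCP SYNs."""
    ports = defaultdict(set)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        fields, flags = parsed
        # A new TCP connection attempt is a SYN without ACK.
        if fields.get("PROTO") != "TCP" or "SYN" not in flags or "ACK" in flags:
            continue
        ports[(fields["SRC"], fields["DST"])].add(int(fields["DPT"]))
    return {pair: sorted(p) for pair, p in ports.items()}


if __name__ == "__main__":
    for (src, dst), dports in denied_new_connections(SAMPLE_LOG).items():
        print(f"{src} -> {dst}: denied new TCP connections to ports {dports}")
```
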
 
01-21-2005, 11:06 PM   #2
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,291

Rep: Reputation: 62
Can you post your iptables so we can have a look at it and see how you have it configured?

Last edited by fotoguy; 01-21-2005 at 11:07 PM.