LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page How to block high ports in iptables?
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 12-01-2008, 06:30 PM   #1
sparc86
Member
 
Registered: Jul 2006
Location: Joinville - SC, Brazil
Distribution: Debian, Gentoo, FreeBSD
Posts: 279
Blog Entries: 1

Rep: Reputation: 31
How to block high ports in iptables? [SOLVED]

Hello LQ community.

I have a personal iptables configuration to my PC where I use the DROP policy for INPUT (iptables -P INPUT DROP), the only port I am liberating is the 22 (ssh), but I wonder how high ports above 60000 can be accessed since I have a strict policy for incoming traffic. In fact, I have a squid listening at the port 60001 and I can connect to it even using the DROP policy at my iptables.

I have been researching hard at google about it but I cannot find something related to solve my doubts.

So my questions are:

1. Why are the high ports opened even if I have the INPUT policy stricted to DROP?

2. If there's any reason for these ports not to be opened by default, what's the reason for that?

3. Finally, how could I really drop ALL the incoming traffic using iptables?


Thank you very much for your help!
Last edited by sparc86; 12-01-2008 at 07:53 PM.
 
Old 12-01-2008, 07:55 PM   #2
sparc86
Member
 
Registered: Jul 2006
Location: Joinville - SC, Brazil
Distribution: Debian, Gentoo, FreeBSD
Posts: 279
Blog Entries: 1

Original Poster
Rep: Reputation: 31
Sorry for taking your time, but it was my mistake. There was a line in my iptables script which was liberating all traffic coming from my LAN. CABAÇO!
 
  


Reply

Tags
iptables, ports


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need to block all ports and open only select ports on Ubuntu 7.1 Mr.J Linux - Networking 1 11-18-2008 02:45 AM
open ports for utorrent using iptables n close smpt to that ports shtorrent00 Linux - Networking 2 09-30-2008 03:34 PM
how? redirect apache2 outbound ports to specific ports w/iptables? nowshining Linux - Security 5 05-27-2008 02:46 AM
block m$ related ports using iptables carboncopy Linux - Security 8 01-28-2005 12:30 PM
iptables: block ports and RELATED, ESTABLISHED Klaus Pforte Linux - Security 6 07-17-2003 10:00 AM


All times are GMT -5. The time now is 09:50 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration