LinuxQuestions.org


engnet 05-26-2003 11:16 AM

IPChains & External Ports
 
Hello all, need some advice regarding Ipchains. I am looking for a way to close off the following ports on external connections only:

VNC
X11
SMB

Leaving SSH enabled for external connections across PPPD and Wireless LAN on secondary subnet.

Any help would be great

Chris H

manthram 05-26-2003 11:19 AM

What distro are you running? Better use iptables; there are a lot of wrappers for iptables and it is very good. iptables is the standard for firewalls these days.

you can use firestarter or guarddog to accomplish this

engnet 05-26-2003 11:22 AM

Many thanks, am using RH7.2/2.4.7-10 and have 2 servers running, one as router and one as domain controller.

Am just looking for a quick way to block these ports via external links.

Cheers

Chris H

Robert0380 05-28-2003 04:02 AM

if you know the port numbers:

iptables -A INPUT -s ! LAN_IPs -p tcp --dport SMB_PORT -j DROP
iptables -A INPUT -s ! LAN_IPs -p udp --dport SMB_PORT -j DROP

iptables -A INPUT -s ! LAN_IPs -p tcp --dport VNC_PORT -j DROP
iptables -A INPUT -s ! LAN_IPs -p udp --dport VNC_PORT -j DROP

iptables -A INPUT -s ! LAN_IPs -p tcp --dport X11_PORT -j DROP
iptables -A INPUT -s ! LAN_IPs -p udp --dport X11_PORT -j DROP

LAN_IPs must be replaced by something like 192.168.0.0/16, depending on what your LAN network and subnet mask are. Also, where I have VNC_PORT and X11_PORT you should replace them with real port numbers (X11 = 6000, the others I don't know by heart). If you do that, it will close off those 3 ports to udp and tcp connection attempts from any IP that's not on the local network.
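
The rules from the post above with the placeholders filled in, as an added example that is not part of the thread; it only prints the commands so they can be reviewed before anything is applied. Assumptions not taken from the posts: VNC on TCP 5900-5909 and X11 on TCP 6000-6009 (displays :0 to :9), SMB/NetBIOS on TCP 139 and 445 and UDP 137-138, and the function names.

```shell
#!/bin/sh
# Added example: print DROP rules for non-LAN sources, in the style of the post.
# Port values other than X11 = 6000 are assumptions, not from the thread.
# Each entry is proto:port or proto:first:last (iptables range syntax).
BLOCKED="tcp:5900:5909 tcp:6000:6009 tcp:139 tcp:445 udp:137:138"

# Return 0 only for a.b.c.d/prefix with octets 0-255 and prefix 0-32.
valid_cidr() {
    case "$1" in
        */*) ;;
        *) return 1 ;;
    esac
    addr=${1%/*}
    prefix=${1#*/}
    case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS
    IFS=.
    set -- $addr            # split the address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print one rule per BLOCKED entry; $1 is the LAN range to exempt.
# "! -s" is the current iptables spelling of the post's "-s ! LAN_IPs".
gen_rules() {
    lan=$1
    valid_cidr "$lan" || { echo "bad LAN range: $lan" >&2; return 1; }
    for spec in $BLOCKED; do
        proto=${spec%%:*}
        ports=${spec#*:}
        echo "iptables -A INPUT ! -s $lan -p $proto --dport $ports -j DROP"
    done
}

# Default range is the one suggested in the post; pass your own as $1.
gen_rules "${1:-192.168.0.0/16}"
```

No rule here touches port 22, so SSH stays reachable from the PPP and wireless sides as long as the INPUT policy or an earlier rule accepts it.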

