LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-02-2004, 03:23 AM   #1
gz_xmg
LQ Newbie
 
Registered: Nov 2003
Location: guangzhou,china
Posts: 7

Rep: Reputation: 0
Question ipchains problem


hello!!
i hava a linux server with kernel 2.4.7. Server is running a jsp website with mysql. i setup a firewall using ipchains.my firewall's rules are only accept 80,8080,3306,23 and deny all. but i cann't write this rules.
Can anyone help me solve it please ?
thanks!

Last edited by gz_xmg; 04-02-2004 at 06:29 PM.
 
Old 04-02-2004, 03:34 AM   #2
micxz
Senior Member
 
Registered: Sep 2002
Location: CA
Distribution: openSuSE, Cent OS, Slackware
Posts: 1,131

Rep: Reputation: 75
What do you mean you can't do it? WHat's the problem?
 
Old 04-02-2004, 06:35 PM   #3
gz_xmg
LQ Newbie
 
Registered: Nov 2003
Location: guangzhou,china
Posts: 7

Original Poster
Rep: Reputation: 0
Quote:
Originally posted by micxz
What do you mean you can't do it? WHat's the problem?
sorry, i want to write firewall rules using ipchains. The rules that i want is accept 80,8080,23,3306 and deny others all ports. thanks lots.
 
Old 04-02-2004, 06:53 PM   #4
micxz
Senior Member
 
Registered: Sep 2002
Location: CA
Distribution: openSuSE, Cent OS, Slackware
Posts: 1,131

Rep: Reputation: 75
When logged in as root ( "su -" ), type:

cd /usr/bin
wget http://www.geocities.com/steve93138/kiss-2.0.1.tar.gz
tar zxvf kiss-2.0.1.tar.gz

That's it! To get it running anywhere on the command line, you simply type:

kiss start

To stop the firewall, type:

kiss stop

To get status information, type:

kiss status

If you want to block an offenders IP address/subnet, simply edit the BLOCK_LIST variable in the /usr/bin/kiss file. You can separate IP addresses and subnet's with a space. Once you are finished, simply restart KISS by typing:

kiss restart

Last, but not least, it is recommended that you configure the firewall to allow only for needed ports. Using trusted IP addresses/subnets is also recommended. These variables are located near the beginning of the /usr/bin/kiss file and are self-explanatory. Once you make changes, you should always restart KISS for the changes to take effect:

kiss restart

Last edited by micxz; 04-02-2004 at 06:54 PM.
 
Old 04-08-2004, 02:36 AM   #5
gz_xmg
LQ Newbie
 
Registered: Nov 2003
Location: guangzhou,china
Posts: 7

Original Poster
Rep: Reputation: 0
thans your reply. but i don't success for downloading the KISS scripts.
Can you write the rules on bbs ? I really want to get it for my linux server.
thanks in advance a lots.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Mail Relay problem IPCHAINS The Jesus Linux - Security 2 05-03-2002 05:02 AM
Problem with ipchains J_Szucs Linux - Newbie 17 11-29-2001 05:40 PM
Weird ipchains problem progressroom Linux - Security 1 09-27-2001 04:35 AM
IPChains problem DATA_OK Linux - Security 15 09-12-2001 08:00 AM
ipchains problem. Chypmunk Linux - Networking 17 07-16-2001 05:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration