Limiting client connections to a port without iptables
Forum: Linux - Security. This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
>You have been given the answer to what you asked for. If you won't or can't read
>the answer and understand it, then it is your problem, not ours.
I suppose you have no clue what so ever about how childish what you just posted is but then, that's what happens when you have a big ego I guess.
>If you don't have iptables and ask for iptables scripts, again it is YOUR problem, not ours.
>If you don't like the answers your receive, it is YOUR problem, not ours.
>If you don't understand how iptables works, which is apparent from your statements
>that are absolutely wrong, again that is YOUR problem, not ours.
Are you just a plain ol idiot or are you working hard at it? I cannot state any clearer what I have stated as being my capabilities using iptables. If I tell you I don't know how to use an axe, is that the next thing you'll berate me for? Gee, tell me something you don't know how to do and I'll be happy to berate you for it too. What a stupid waste of time people like you are.
Stop saying it's not OUR problem when you are speaking for yourself. This isn't OUR problem in any way whatsoever; no one is forcing you to respond to anything.
I've heard of people who don't RTFM. I've heard of people who don't read the rules.. but people who ask a question and don't even read the answer? That's a whole new level of foolishness.
Hehe, yet another one. They come right out of the woodwork, don't they? Read my posts, I have not once not read a reply in this thread. Yet another person that just has to go mouthing off inflating their own ego.
>Some new information there. How are the firewalls implemented?
I have no problem providing additional information if you'll be more specific about what I failed to offer?
How are the firewalls implemented? Each set of VoIP servers has its own firewall. In this case, a pfSense firewall which provides access to the public using common VoIP ports: 5060, 5080, UDP ports, etc. That's about it for implementation.
>That rule accepts everything.
>Those rules do the limiting. Just change port 22 to port 5060.
Yes, I get that. But here's the part I need to better understand.
In order to use this, do I clear all rules first, then starting from scratch, simply use these two commands and I get a fully working iptables file?
As I've mentioned, I have not had the chance to learn iptables yet other than adding/removing ports in a very basic way. Just never really needed to learn it. Right now, I just want to implement a very basic iptables setup to slow down script kiddies.
I will learn iptables just as soon as I have the chance. Right now, I'm simply asking someone to let me know what the whole file should look like. I mean bottom line here folks, are we not trying to help each other to keep the hackers at bay? This is something that can help someone else.
Because someone posts asking for an answer should not automatically mean attack that person for not reading manuals. I mean come on folks, that's kinda lame.
We allow new members ample time to acclimatize and adapt to what LQ is all about. You've been a member long enough to know that there are limits. And right now we've seen quite enough. So here's me talking to you as forum moderator now: stop it, here and now, unconditionally. I don't think I need to explain myself or the LQ Rules any further. Should you wish to discuss your official warning you will do so by contacting me by email.
That out of the way, combining wisdom from the first link in the "Similar Threads" box I pointed you to and previous advice: take a Centos machine w/o firewall rules and run 'service iptables stop'. Now run
# Allow all traffic on the loopback interface
/sbin/iptables -A INPUT -i lo -j ACCEPT
# Allow packets belonging to connections this host already has open
/sbin/iptables -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
# Record the source address of every new TCP connection to port 5060
# (no -j target, so the packet falls through to the next rule)
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 5060 -m state --state NEW -m recent --set
# Drop the new connection if this source has made 4 or more within the last 60 seconds
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 5060 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
# Anything that got past the limiter: accept new TCP, UDP and ICMP
/sbin/iptables -A INPUT -i eth0 -p tcp -m tcp -m state --state NEW -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p udp -m udp -m state --state NEW -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp -m icmp --icmp-type any -j ACCEPT
# Reject everything else on eth0
/sbin/iptables -A INPUT -i eth0 -j REJECT --reject-with icmp-host-prohibited
# Persist the running rules so 'service iptables start' loads them at boot
/sbin/iptables-save > /etc/sysconfig/iptables
See if that file works for you then just 'service iptables start'.
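To make the sliding window of the two '-m recent' rules concrete, here is an added Python model (not from the thread) of how the '--set' / '--update --seconds 60 --hitcount 4' pair decides which new connections to port 5060 are dropped. It is a simplification of the kernel's recent module: the per-address stamp cap and entry expiry are ignored, and the sample addresses and timing are constructed.

```python
from collections import defaultdict

WINDOW_SECONDS = 60   # --seconds 60
HITCOUNT = 4          # --hitcount 4


class RecentLimiter:
    """Simplified model of '-m recent --set' followed by
    '-m recent --update --seconds N --hitcount M -j DROP'.
    Assumption: the per-address stamp cap and entry expiry are ignored."""

    def __init__(self, seconds=WINDOW_SECONDS, hitcount=HITCOUNT):
        self.seconds = seconds
        self.hitcount = hitcount
        self.stamps = defaultdict(list)   # source address -> timestamps seen

    def new_connection(self, src, now):
        """Verdict ('DROP' or 'ACCEPT') for one new TCP SYN to port 5060 at time now."""
        # Rule 1: --set records this packet for the source and falls through.
        self.stamps[src].append(now)
        # Rule 2: --update counts stamps inside the window, including the one just set.
        hits = sum(1 for s in self.stamps[src] if now - s <= self.seconds)
        if hits >= self.hitcount:
            # A matching --update rule also refreshes the entry, so a source that
            # keeps retrying while blocked keeps extending its own block.
            self.stamps[src].append(now)
            return "DROP"
        # No match: the packet continues to the generic '-p tcp --state NEW -j ACCEPT' rule.
        return "ACCEPT"


def simulate(attempts, seconds=WINDOW_SECONDS, hitcount=HITCOUNT):
    """attempts: list of (time_in_seconds, source_ip); returns one verdict per attempt."""
    limiter = RecentLimiter(seconds, hitcount)
    return [limiter.new_connection(src, t) for t, src in attempts]


# Constructed sample: one source hammering port 5060 and one ordinary caller.
SAMPLE_ATTEMPTS = [
    (0, "203.0.113.5"),
    (5, "198.51.100.7"),   # unrelated client, tracked separately
    (10, "203.0.113.5"),
    (20, "203.0.113.5"),
    (30, "203.0.113.5"),   # 4th hit inside 60 s -> dropped
    (40, "203.0.113.5"),   # still inside the window -> dropped
    (95, "203.0.113.5"),   # only the t=40 stamps remain inside 60 s -> accepted again
]

if __name__ == "__main__":
    for (t, src), verdict in zip(SAMPLE_ATTEMPTS, simulate(SAMPLE_ATTEMPTS)):
        print(f"t={t:3d}s {src:14s} {verdict}")
```

Note that the rules only cover TCP port 5060; SIP over UDP 5060 is not limited by them.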
What a joke. I get attacked and the moderator decides that I'm in the wrong.
Do what ever you wish with my account friend, your forums become irrelevant when you allow people to practically answer all questions with 'RTFM'.
Nothing justifies you letting your attitude and language deteriorate throughout this thread the way you did. And while blaming others is a very safe thing to do, it definitely isn't the responsible, let alone mature, way we expect LQ members to conduct themselves. The LQ Rules clearly state you should remain friendly, respectful and thoughtful, without insulting and personally attacking your fellow LQ members: and that goes for you too.
To cut things short I've warned you once and, as I said in the other thread, once should be enough.