Need quick port closing lesson
Could anyone give some quick lessons? I don't want anyone accessing my pc from the net. But still allow cookies etc. Need some good suggestions.
Thanks |
something like:
Code:
iptables -a INPUT -i eth0 -j DROP
|
iptables -P INPUT DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
That should block all outside connections. |
So to run this at start up do you put it in a script some place? Or are the changes permanent at the command line?
If so how do you return everything to the way it was before the changes? Don't like to change things without knowing a recovery from the changes. |
You may already have a firewall script running, to find out type this as root:
iptables -L
Usually you will have a script e.g. /etc/rc.d/init.d/rc.firewall which is started each time you boot. I don't know if Caldera uses the SysV init scripts or not, but if so then there will be run-level directories which have symlinks to the startup scripts e.g. /etc/rc.d/rc5.d/S99firewall -> /etc/rc.d/init.d/rc.firewall |
If you want to close the ports by not running the default servers you should do:
netstat -ap | more
See what the names of the processes that are using the ports are, and then remove the services from your initialization. Or you can use the above tips on reconfiguring your firewall. |
Bill - the changes to iptables will be lost when you reboot. To save them, use
Code:
iptables-save > /etc/myfirewall
Code:
iptables-restore < /etc/myfirewall
If you want to remove your changes whilst the system is running,
Code:
iptables -F
|
Well I did as you said.
iptables -a INPUT -i eth0 -j DROP
It didn't like the small -a so I made it a -A. It would not browse in Konqueror. I want to be able to do the browser deal. But don't want someone or ? invading my PC. It looks like all the samples given here block everything. |
If you drop all incoming packets, then you won't be able to receive any replies to your outgoing traffic. You need something more like this as a start:
Quote:
http://iptables-tutorial.frozentux.n...-tutorial.html |
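Added example, not part of the thread or written by any poster: a first-match walk of the INPUT chain in `iptables-save` output, showing why the rules in the order posted drop replies on eth0 while an ordering that accepts ESTABLISHED,RELATED first still blocks new inbound connections. The function names (`verdict`, `dump`, `thread_order`, `fixed_order`, `flushed`) are hypothetical and the dumps are constructed samples, not output from a real system.

```shell
#!/bin/sh
# Added example, not from the thread. First-match walk of the INPUT chain in
# iptables-save output. Only -i and "-m state --state" matches are modelled;
# a rule using any other match is treated as not matching.

# verdict IFACE STATE: reads a dump on stdin, prints the verdict for an
# inbound packet on IFACE whose conntrack state is STATE (NEW, ESTABLISHED).
verdict() {
    awk -v iface="$1" -v state="$2" '
        $1 == ":INPUT" { policy = $2; next }      # default policy of the chain
        $1 != "-A" || $2 != "INPUT" || decided { next }
        {
            hit = 1; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-i")           { if ($(++i) != iface) hit = 0 }
                else if ($i == "-m")      { i++ } # skip module name
                else if ($i == "--state") { if (!index(("," $(++i) ","), ("," state ","))) hit = 0 }
                else if ($i == "-j")      { target = $(++i) }
                else                      { hit = 0 }
            }
            if (hit && target ~ /^(ACCEPT|DROP|REJECT)$/) { print target; decided = 1 }
        }
        END { if (!decided) print policy }        # no rule matched
    '
}

# dump POLICY [RULE...]: constructed iptables-save style text for the samples.
dump() {
    policy=$1; shift
    printf '*filter\n:INPUT %s [0:0]\n' "$policy"
    for r in "$@"; do printf '%s\n' "-A INPUT $r"; done
    printf 'COMMIT\n'
}

ACCEPT_REPLIES='-m state --state RELATED,ESTABLISHED -j ACCEPT'
# Rules in the order they were posted: the blanket DROP is evaluated first.
thread_order() { dump DROP '-i eth0 -j DROP' "$ACCEPT_REPLIES"; }
# Loopback and replies accepted; everything else falls through to the policy.
fixed_order()  { dump DROP '-i lo -j ACCEPT' "$ACCEPT_REPLIES"; }
# After "iptables -F": the rules are gone but "-P INPUT DROP" is still in force.
flushed()      { dump DROP; }

for rs in thread_order fixed_order flushed; do
    printf '%-13s reply=%s new=%s\n' "$rs" \
        "$($rs | verdict eth0 ESTABLISHED)" "$($rs | verdict eth0 NEW)"
done
```

Because `iptables -F` removes rules but leaves chain policies alone, returning to the original open state after `iptables -P INPUT DROP` also needs `iptables -P INPUT ACCEPT`.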