LinuxQuestions.org
Old 08-08-2003, 05:29 PM   #1
magicmanstl
LQ Newbie
 
Registered: Aug 2003
Posts: 2

Rep: Reputation: 0
Question port 515, 6000 iptables


Please help me block a port. I am a Linux newbie (big time). I installed Slackware 9.0 about a week ago. I have everything up and running, almost, but I have port 515, 6000 open and can't seem to shut them. So I thought I could firewall it with iptables. I am on a cable modem. Here is the syntax I am using:

iptables -A INPUT -p all -d 515 -j DROP
When I Run iptools -L I get

Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere 0.0.2.3

Port 515 is still open when I run nmap.
Any help would be appreciated.
 
Old 08-08-2003, 06:39 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
The -d option is destination ip address (like 192.168.0.1), not destination port. What you want is --dport 515 instead. You will also get errors trying to do -p all --dport 515, because there are no port numbers for the icmp protocol. Only tcp and udp protocols use port numbers, so just make two rules:

iptables -A INPUT -p tcp --dport 515 -j DROP
iptables -A INPUT -p udp --dport 515 -j DROP

For port 6000 you have to be a little more careful, because it's the port that the Xserver connects to. If you block port 6000 to all interfaces, I'm pretty sure you won't be able to start X. So when you write that rule, remember to at least allow connections over the loopback interface. Something like this will do:

iptables -A INPUT ! -i lo -p tcp --dport 6000 -j DROP

Where that is an exclamation point before the lo. So what that's doing is saying "drop all connections to port 6000 that are not over the loopback interface".
HTH
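
Added example, not part of either poster's reply: a POSIX shell check that shows why `-d 515` was listed as 0.0.2.3 and flags the two mistakes described in post #2. `int_to_ipv4` and `lint_rule` are hypothetical helper names, the sample rules are constructed from the commands quoted in the thread, and nothing here calls iptables or needs root.

```shell
#!/bin/sh
# Added example: explains and catches the "-d 515" mistake from the thread.

# A bare integer where an IPv4 address is expected is read as a 32-bit
# address, which is why "-d 515" was listed as 0.0.2.3 (515 = 2*256 + 3).
int_to_ipv4() {
    n=$1
    printf '%s\n' "$(( (n >> 24) & 255 )).$(( (n >> 16) & 255 )).$(( (n >> 8) & 255 )).$(( n & 255 ))"
}

# lint_rule (hypothetical helper): prints one line per problem found in an
# iptables command line; returns 0 if clean, 1 otherwise.
lint_rule() {
    findings=0 proto="" prev=""
    for tok in $1; do            # unquoted on purpose: split into words
        case "$prev" in
            -p|--protocol) proto=$tok ;;
            -s|--source|-d|--destination)
                case "$tok" in
                    ''|*[!0-9]*) ;;   # not a bare integer
                    *) printf '%s\n' "$prev $tok is the address $(int_to_ipv4 "$tok"), not a port"
                       findings=$((findings + 1)) ;;
                esac ;;
        esac
        case "$tok" in
            --dport|--destination-port|--sport|--source-port)
                case "$proto" in
                    tcp|udp) ;;
                    *) printf '%s\n' "$tok needs -p tcp or -p udp before it (got '${proto:-none}')"
                       findings=$((findings + 1)) ;;
                esac ;;
        esac
        prev=$tok
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample rules built from the commands quoted in the thread.
for rule in \
    "iptables -A INPUT -p all -d 515 -j DROP" \
    "iptables -A INPUT -p all --dport 515 -j DROP" \
    "iptables -A INPUT -p tcp --dport 515 -j DROP" \
    "iptables -A INPUT -p udp --dport 515 -j DROP"
do
    printf '== %s\n' "$rule"
    lint_rule "$rule" || true
done
```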
 
Old 08-09-2003, 02:18 AM   #3
magicmanstl
LQ Newbie
 
Registered: Aug 2003
Posts: 2

Original Poster
Rep: Reputation: 0
THANK YOU

That worked perfectly.
 
Old 08-10-2003, 08:04 PM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
No problem magicmanstl, glad you got it to work.
 
  

