Firewall setting in solaris and winxp

UltraSoul · 07-30-2005, 12:35 PM

My winxp PC is under a router for accessing the remote solaris workstation associated with a public IP address.

Now I want to configure the firewall on solaris and winxp as follows:

From remote host to local PC (Inbound): ( I think this one can be configured by my router )
TCP 6000 ~ 6010
TCP 16001

From local PC to remote host (Outbound):
( My problem is how to open port in solaris or linux )
UDP 177
TCP 512, 513, 514, 23, 22

How can I implement the above one?

jlliagre · 07-31-2005, 05:20 AM

What firewall software are you using on the Solaris box ?

cdhgee · 07-31-2005, 05:31 AM

The standard linux firewall is iptables and comes with most distros. I think it may also be used by Solaris but I'm not sure on this. To configure the firewall on a linux box as per your needs, first of all be root. Then:

Code:

iptables -L

This will list the current firewall ruleset. Find the name of the chain that's got the input rules in it - as you're using RH9 I expect it to be something like RH-Firewall-1-INPUT - that's what I'll use in the code below, change it if it's wrong.

Enter the following commands, still as root:

Code:

iptables -A RH-Firewall-1-INPUT -p udp -m udp --dport 177 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 512 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 513 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 514 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 23 -j ACCEPT

When you've done that, the rules are active and you can test them. Once you're happy that they're doing what you want, commit them to disk so they load next time you boot - otherwise you'll have to reload them. Still as root:

Code:

service iptables save

mattLSO · 07-31-2005, 07:24 PM

What you need for solaris is IPF, check out this tutorial http://www.homepage.montana.edu/~uni...aris_ipf.html.

Regards