LinuxQuestions.org
Old 05-27-2006, 05:25 AM   #1
antonysemion
LQ Newbie
 
Registered: May 2006
Posts: 1

Rep: Reputation: 0

Please help me to use IPTABLES
I want to block Yahoo Messenger, rediffbol, MSN Messenger, and another popular messenger. I searched for their ports, but they use a wide range of ports.
We are using private IPs. We have to forward all queries (like HTTP, FTP, SMTP, etc.) to other machines. How can we do this? I have to block all email queries from our office to Yahoo, Rediff, etc., but allow our mail server.

-== Mod Note: Moved from another thread.
Please don't try hijacking threads!
==-

Last edited by peter_robb; 05-30-2006 at 04:38 AM.
 
Old 05-28-2006, 03:03 PM   #2
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Rep: Reputation: 45
MarleyGPN, glad you got it working.

antonysemion, welcome to LQ!
Please do not post questions not relevant to the thread. You should start your own thread to ask a question or find one that relates specifically to it.

To answer your question, you should set a restrictive iptables ruleset that blocks all traffic except for the ones you want to use. Iptables creates its policies in the order you enter them, so you would need to do something like this.

Code:
export LAN=eth0 # choose the correct network device here

# allow forwarding for the desired ports
# (rules are checked in the order they were appended and the first match wins,
#  so these must come before the catch-all REJECT; --dport requires -p tcp or -p udp)
iptables -A FORWARD -i ${LAN} -s 192.168.0.0/255.255.0.0 -p tcp --dport 21 -j ACCEPT
iptables -A FORWARD -i ${LAN} -s 192.168.0.0/255.255.0.0 -p tcp --dport 25 -j ACCEPT
iptables -A FORWARD -i ${LAN} -s 192.168.0.0/255.255.0.0 -p tcp --dport 80 -j ACCEPT

# reject all other outgoing traffic from the local network
iptables -A FORWARD -i ${LAN} -s 192.168.0.0/255.255.0.0 -j REJECT

Please note this is not a full iptables ruleset; you will need to add in other stuff for extra security. Try using something like surewall if you are uncomfortable with writing your own iptables rules.

regards,
...drkstr
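
The point about rule order in the reply above, as an added example that is not part of drkstr's post: a small shell model of first-match evaluation in a single chain, comparing a catch-all REJECT placed before the per-port ACCEPT rules with one placed after them. The `proto:dport:target` rule format, the `verdict` function and port 5050 (an arbitrary port not on the allow list) are constructed for illustration; only protocol and destination port are modelled.

```shell
#!/bin/sh
# Constructed model of how iptables walks one chain: rules are tested in the
# order they were appended and the first matching rule decides the verdict.
# Each rule is "proto:dport:target"; "any" matches every value.

# verdict RULES PROTO DPORT
# Prints the target of the first matching rule, or the chain policy
# (assumed here to be ACCEPT, the iptables default) when nothing matches.
verdict() {
    rules=$1 proto=$2 dport=$3
    for rule in $rules; do
        r_proto=${rule%%:*}      # text before the first colon
        rest=${rule#*:}
        r_dport=${rest%%:*}      # text between the colons
        target=${rest#*:}        # text after the second colon
        [ "$r_proto" = any ] || [ "$r_proto" = "$proto" ] || continue
        [ "$r_dport" = any ] || [ "$r_dport" = "$dport" ] || continue
        echo "$target"
        return 0
    done
    echo "ACCEPT"
}

# Catch-all REJECT appended before the per-port ACCEPT rules.
REJECT_FIRST="any:any:REJECT tcp:21:ACCEPT tcp:25:ACCEPT tcp:80:ACCEPT"
# Per-port ACCEPT rules appended first, catch-all REJECT last.
ACCEPT_FIRST="tcp:21:ACCEPT tcp:25:ACCEPT tcp:80:ACCEPT any:any:REJECT"

# Compare both orderings for allowed ports, a port that is not allowed,
# and a UDP packet (the allow rules only cover TCP).
for pkt in tcp:21 tcp:25 tcp:80 tcp:5050 udp:53; do
    p=${pkt%%:*} d=${pkt#*:}
    printf '%-9s reject-first=%-7s accept-first=%s\n' "$pkt" \
        "$(verdict "$REJECT_FIRST" "$p" "$d")" \
        "$(verdict "$ACCEPT_FIRST" "$p" "$d")"
done
```

With the catch-all first, every packet is rejected and the ACCEPT rules are never reached; with it last, only TCP ports 21, 25 and 80 pass, and anything else from the LAN, including DNS lookups over UDP port 53, is rejected.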
 
  


All times are GMT -5. The time now is 11:57 AM.
