Old 09-14-2005, 10:55 AM   #1
slzckboy
dynamic iptables rules


Excuse my ignorance.

I'm interested in allowing a connection to my ident service (auth) only if I have recently connected to the site that is making the request.

Is there a way I can achieve this with iptables without just leaving the port open to responses from anywhere or statically assigning the source IP?

Thanks

rj
 
Old 09-14-2005, 01:59 PM   #2
rjkfsm
Use the '-m state ESTABLISHED,RELATED' condition on that port.

If that doesn't suit your needs, check out recent matches at:
http://iptables-tutorial.frozentux.n...cent-match.txt


RK

Last edited by rjkfsm; 09-14-2005 at 02:22 PM.
 
Old 09-14-2005, 02:43 PM   #3
slzckboy
Many thanks.
 
Old 09-15-2005, 11:38 AM   #4
slzckboy
-m state ESTABLISHED,RELATED doesn't suit my needs.

One thing, re the link:

Code:
iptables -A http-recent-final1 -p tcp -m recent --name httplist \
--tcp-flags SYN,ACK,FIN FIN,ACK --close -j ACCEPT
I can find no information on the "--close" switch in the man pages, Google, etc.

Can anyone explain?

Thanks

slzckboy
 
Old 10-18-2005, 02:28 PM   #5
slzckboy
This seems to work, in that the IRC server now advises that it got an ident response.

Code:
# recent-irc-connection chain. It has to exist before OUTPUT/INPUT can jump to it.
$IPTABLES -N recent-irc-connection

# For output connections: record the IRC server's address (--rdest) in irclist.
$IPTABLES -A recent-irc-connection -s $NTL_IP -m recent --name irclist --set --rdest -j ACCEPT

# For input connections: accept only if the source address is already in irclist.
$IPTABLES -A recent-irc-connection -s 0/0 -m recent --name irclist --rcheck -j ACCEPT

# Outgoing IRC and incoming ident are both sent through the chain.
$IPTABLES -A OUTPUT -p tcp -s $NTL_IP -m tcp --dport 6667 -j recent-irc-connection
$IPTABLES -A INPUT -p tcp -m tcp --dport 113 -j recent-irc-connection