opening port, newb alert :)
Here's my fw script. I'm trying to get ssl/irc/linknet working, so I need port 113 let through for identd. Any solutions to help out a Linux newbie?
#!/bin/sh
### set up NAT host masquerading on eth0
iptables -t nat -A POSTROUTING -s 10.4.20.0/24 -o eth0 -j MASQUERADE
iptables -N block
iptables -F block
# allow localhost network access
iptables -A block -i lo -p all -j ACCEPT
iptables -A block -o lo -p all -j ACCEPT
# allow established and related connections from outside
iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
# allow all connections on all interfaces EXCEPT eth0 (external)
iptables -A block -m state --state NEW ! -i eth0 -j ACCEPT
# allow inbound FTP, SSH, HTTP
iptables -A block -p tcp --dport http -j ACCEPT
iptables -A block -p tcp --dport ftp -j ACCEPT
iptables -A block -p tcp --dport ssh -j ACCEPT
# drop everything else
iptables -A block -j DROP
# apply block filter to INPUT
iptables -A INPUT -j block
# enable forwarding (overwrite the value rather than append to it)
echo "1" > /proc/sys/net/ipv4/ip_forward
thx in advance, great board btw.
Last edited by ratty007; 03-24-2003 at 03:18 AM.
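
One way to let ident (TCP 113) through the `block` chain from the script above, as an added example that is not part of the original post. The function names and the sample rule listing are assumptions made for illustration; the rule has to land above the final `-j DROP`, which is why the helper works out an insert position instead of appending.

```shell
#!/bin/sh
# Added example: open TCP 113 (ident/auth) in the "block" chain from the post.
# Rules in a chain are matched top to bottom, so the ident rule must sit
# above the catch-all "-j DROP"; a rule appended after it never matches.

# ident_rule MODE -> prints the iptables match/target for port 113.
#   accept : an identd is listening here, let the IRC server query it
#   reset  : no identd; answer with a TCP RST so the server does not
#            wait for a timeout on a silently dropped SYN
ident_rule() {
    case "$1" in
        accept) echo "-p tcp --dport 113 -j ACCEPT" ;;
        reset)  echo "-p tcp --dport 113 -j REJECT --reject-with tcp-reset" ;;
        *)      echo "usage: ident_rule accept|reset" >&2; return 1 ;;
    esac
}

# drop_position reads "iptables -S block" output on stdin and prints the
# 1-based rule number of the catch-all DROP (prints nothing if absent).
drop_position() {
    awk '$1 == "-A" { n++ } $0 == "-A block -j DROP" { print n; exit }'
}

# open_ident MODE -> prints the command that puts the ident rule just
# before the DROP, or appends it when the chain has no DROP yet.
open_ident() {
    rule=$(ident_rule "$1") || return 1
    pos=$(drop_position)
    if [ -n "$pos" ]; then
        echo "iptables -I block $pos $rule"
    else
        echo "iptables -A block $rule"
    fi
}

# Constructed sample of "iptables -S block" output (not from the post).
SAMPLE_RULES='-N block
-A block -i lo -j ACCEPT
-A block -m state --state RELATED,ESTABLISHED -j ACCEPT
-A block -p tcp -m tcp --dport 22 -j ACCEPT
-A block -j DROP'

# Live use (as root): iptables -S block | open_ident accept
printf '%s\n' "$SAMPLE_RULES" | open_ident accept
```

In the script itself the same effect comes from placing the port 113 line next to the other `--dport` rules, before the `# drop everything else` section.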