using iptable to close port instead of stopping services
Hi,
Would you say from the iptable extract that I have correctly
set the firewall to drop everything to and from port 111, 631 and 32768 (xinetd)?
I know how to stop services. Just learning about shorewall, so
a confirmation would be great. Thanks
Chain net2fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere tcp dpt:111
DROP tcp -- anywhere anywhere tcp dpt:631
DROP tcp -- anywhere anywhere tcp dpt:32768
Output from nmap
PORT STATE SERVICE
111/tcp open rpcbind
631/tcp open ipp
32768/tcp open unknown
# shorewall version 2.0.8
Jul 7 05:56:19 localhost shorewall: Policy for net to loc is DROP using chain net2all
Jul 7 05:56:19 localhost shorewall: Policy for net to fw is DROP using chain net2all
Jul 7 05:56:21 localhost shorewall: Policy DROP for net to fw using chain net2all
Regards