LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

01-12-2005, 04:13 AM   #1
Manuel-H
Member
 
Registered: Apr 2003
Location: Singapore
Distribution: Slackware32/64, Ubuntu, Fedora, RHEL
Posts: 138

Rep: Reputation: 15
Block FORWARD Rules


Hi there,

I am trying to block all outgoing traffic (via the iptables FORWARD chain) and allow only certain common ports to be open (e.g. 22, 25, 80, 110, etc.).

The problem is that when I download via the browser, the ports are always dynamic ports, so I am always unable to download unless I allow it.
How can I solve this problem?

Below is my log file
***************
Jan 12 17:02:49 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.x.x.10 DST=203.126.164.142 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55643 DF PROTO=TCP SPT=1779 DPT=3895 WINDOW=64512 RES=0x00 SYN URGP=0
Jan 12 17:03:02 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.x.x.10 DST=203.126.164.142 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55876 DF PROTO=TCP SPT=1781 DPT=3896 WINDOW=64512 RES=0x00 SYN URGP=0
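
An added example, not part of either post: a small parser for netfilter LOG lines in the format quoted above, which reports for each denied packet whether it is a bare SYN (a new connection) and whether its destination port is on the allow list from the post. The function names and the third sample line are assumptions made for illustration.

```python
import re
from collections import Counter

ALLOWED_DPORTS = {22, 25, 80, 110}  # the allow list named in the post
TCP_FLAGS = {"URG", "ACK", "PSH", "RST", "SYN", "FIN"}
FIELD = re.compile(r"(\w+)=(\S*)")

# Lines 1-2 are the entries quoted in the post. Line 3 is constructed for
# contrast: a SYN/ACK reply arriving from outside (documentation addresses).
SAMPLE_LOG = """\
Jan 12 17:02:49 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.x.x.10 DST=203.126.164.142 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55643 DF PROTO=TCP SPT=1779 DPT=3895 WINDOW=64512 RES=0x00 SYN URGP=0
Jan 12 17:03:02 fw kernel: FWD denied:IN=eth2 OUT=eth0 SRC=192.x.x.10 DST=203.126.164.142 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55876 DF PROTO=TCP SPT=1781 DPT=3896 WINDOW=64512 RES=0x00 SYN URGP=0
Jan 12 17:03:05 fw kernel: FWD denied:IN=eth0 OUT=eth2 SRC=198.51.100.7 DST=192.0.2.10 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=TCP SPT=80 DPT=1785 WINDOW=5840 RES=0x00 ACK SYN URGP=0
"""


def parse_line(line):
    """Return the key=value fields and bare TCP flags of one LOG-target line."""
    start = line.find("IN=")
    if start < 0:
        return None  # not a netfilter packet log line
    body = line[start:]
    fields = dict(FIELD.findall(body))
    fields["flags"] = {tok for tok in body.split() if tok in TCP_FLAGS}
    return fields


def classify(f):
    """Say what kind of packet was denied, judged from protocol, flags and DPT."""
    if f.get("PROTO") != "TCP":
        return "non-tcp"
    if "SYN" in f["flags"] and "ACK" not in f["flags"]:
        # Bare SYN: first packet of a new connection; DPT is the service port.
        listed = int(f["DPT"]) in ALLOWED_DPORTS
        return "new-conn-listed-port" if listed else "new-conn-unlisted-port"
    return "part-of-existing-flow"


def summarize(log_text):
    """Count denied packets per (kind, IN, OUT, SRC, DST, DPT)."""
    counts = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if f:
            key = (classify(f), f.get("IN"), f.get("OUT"),
                   f.get("SRC"), f.get("DST"), f.get("DPT"))
            counts[key] += 1
    return counts


if __name__ == "__main__":
    for key, n in summarize(SAMPLE_LOG).items():
        print(n, *key)
```

Both entries from the post come out as `new-conn-unlisted-port` travelling eth2 to eth0: they are bare SYNs whose destination ports are 3895 and 3896, while 1779 and 1781 are the client's source ports.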
 
01-22-2005, 12:06 AM   #2
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,291

Rep: Reputation: 62
Can you post your iptables so we can have a look at it and see how you have it configured?

Last edited by fotoguy; 01-22-2005 at 12:07 AM.
 
  


All times are GMT -5.