Ok...
I am having trouble with a certain concept inherent in ipchains...
Now, if I want to allow anyone in the world to access a certain service via a certain port, which one of these rules do I implement?
1)
ipchains -A input -d myipaddress --dport myport -p tcp -j ACCEPT
which comes out as
ACCEPT tcp ------ anywhere myipaddress any -> myport
2)
ipchains -A input -d myipaddress --sport myport -p tcp -j ACCEPT
which comes out as
ACCEPT tcp ------ anywhere myipaddress myport -> any
3)
ipchains -A input -d myipaddress --dport myport --sport myport -p tcp -j ACCEPT
which comes out as
ACCEPT tcp ------ anywhere myipaddress myport -> myport
My best guess is to use the first example...
Am I wrong?
The ports in question are generic, such as smtp, http, domain, auth, https, etc.
Do certain services initiate connections on certain ports (source or destination) and then later change them after a connection has been established?
Basically, will said service that is supposed to operate on port X always use port X as its source and destination port portion of its transmitted packets?
Am I making sense? Am I thinking about this too hard, to the point where I have convoluted the fundamental concept?
Any help you can offer is appreciated!
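
The three candidate rules above can be checked against the ports of a real inbound TCP packet. This is an added example, not part of the original post: the Rule class is a hypothetical model of only the --sport/--dport fields (it is not ipchains), and a loopback listener on a kernel-chosen port stands in for "myport".

```python
import socket
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    """Port fields of one candidate rule; None means 'any'. Hypothetical model."""
    name: str
    sport: Optional[int]
    dport: Optional[int]

    def matches(self, sport: int, dport: int) -> bool:
        return self.sport in (None, sport) and self.dport in (None, dport)


def rules_for(port: int) -> list:
    return [
        Rule("1: --dport only", None, port),
        Rule("2: --sport only", port, None),
        Rule("3: --dport and --sport", port, port),
    ]


def observe_inbound_ports() -> tuple:
    """Return (sport, dport, service_port) of client packets as the server sees them."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))      # kernel picks a free port to stand in for "myport"
        srv.listen(1)
        service_port = srv.getsockname()[1]
        with socket.create_connection(("127.0.0.1", service_port)) as cli:
            conn, _ = srv.accept()
            with conn:
                cli.sendall(b"hello")   # traffic after the handshake has completed
                conn.recv(5)
                # Ports are read after data has flowed on the established connection.
                return conn.getpeername()[1], conn.getsockname()[1], service_port


def evaluate() -> tuple:
    sport, dport, service_port = observe_inbound_ports()
    verdicts = {r.name: r.matches(sport, dport) for r in rules_for(service_port)}
    return verdicts, sport, dport, service_port


if __name__ == "__main__":
    verdicts, sport, dport, service_port = evaluate()
    print(f"inbound packet: sport={sport} -> dport={dport} (service on {service_port})")
    for name, ok in verdicts.items():
        print(f"rule {name}: {'ACCEPT' if ok else 'no match'}")
```

The client's source port is an ephemeral port chosen by its kernel, so on the input chain only the destination port identifies the service, and it is still the service port after the connection is established.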