LinuxQuestions.org - Linux - Security - Need Help in SuSEfirewall2/Iptables (https://www.linuxquestions.org/questions/linux-security-4/need-help-in-susefirewall2-iptables-520982/)

jeniferchu 01-19-2007 04:38 PM

Need Help in SuSEfirewall2/Iptables
 
Hello Group,

I am new to Suse and new to this group too. My boss just told me I need to build an FTP server with Suse 10.0. I installed Suse 10 on the new box fine. I configured the firewall to allow only SSH, and it is wide open. My question is: I want to allow only certain IP ranges to access SSH on this box (192.9.1.0 - 192.9.1.20 and all 187.4.*.*). How do I do that? SuSEfirewall2/iptables is installed. I wasted 3 days googling here and there, but could not find anything. Since I am a brand new rookie with Linux/Suse, please take it easy with me, ok!

Here is what I know so far.
Firewall configuration file: /etc/sysconfig/SuSEfirewall2
Start/stop firewall: /sbin/SuSEfirewall2 start/stop
That's it!

Thanks for your help Guys and Girls.

Jenifer Chung

dx0r515t 01-19-2007 08:24 PM

ssh has tcp wrapper support. Add SSHD: ALL in /etc/hosts.deny, then add SSHD: $yourip1, $yourip2 in /etc/hosts.allow. In addition to this, add the proper iptables rulesets just to make sure the connections get dropped. This is a quick hack, but the iptables command could look something like this:
Code:

iptables -A INPUT -p tcp -s 192.168.1.100 --dport 22 -m state --state NEW -j ACCEPT

jeniferchu 01-20-2007 06:08 PM

Thanks for the info. I am familiar with Solaris tcp_wrapper/hosts.allow,deny. Linux Suse is new to me. I read the link you sent, but it does not mention anything about how to run sshd to make it work with hosts.allow/deny. Do I have to set up sshd to run from inetd for it to work with hosts.allow/deny?

In Solaris I add the following line to /etc/inetd.conf:
ssh stream tcp nowait root /usr/sbin/tcpd sshd -i
then add the IPs (192.23., 84.12.) to hosts.allow, then stop/start the inetd daemon, and it works fine. In this case, only IPs starting with 192.23 and 84.12 are allowed.

In Suse, I tried to do the same but it does not work for me. I am sorry to bother you. I really need help.

What is the add IP format in hosts.allow on Suse?
Do I need to run sshd in /etc/xinetd.conf ?

I'm totally lost on this. Thanks for your help.

Jenifer

jeniferchu 01-21-2007 01:49 PM

Thank you for the help. SuSEfirewall2/Iptables is very complicated. I found out that Suse already uses tcp_wrapper. So I use hosts.allow/deny to block IPs from accessing ssh. Thanks again.
