01-19-2007, 04:38 PM   #1
jeniferchu

Need Help in SuSEfirewall2/Iptables

Hello Group,

I am new to Suse and new to this group too. My boss just told me I need to build an FTP server with Suse 10.0. I installed Suse 10 on the new box fine. I configured the firewall to allow only SSH, and it is wide open. My question is: I want to allow only these IP ranges to access SSH on this box (192.9.1.0 - 192.9.1.20 and all 187.4.*.*). How do I do that? SuSEfirewall2/iptables is installed. I wasted 3 days googling here and googling there, but could not find anything. Since I am a brand new rookie with Linux/Suse, please take it easy on me, ok!

Here is what I know so far.
Firewall configuration file: /etc/sysconfig/SuSEfirewall2
Start/stop firewall: /sbin/SuSEfirewall2 start/stop
That's it!

Thanks for your help Guys and Girls.

Jenifer Chung
 
01-19-2007, 08:24 PM   #2
dx0r515t

SSH has tcp wrapper support. Add SSHD: ALL in /etc/hosts.deny, then add SSHD: $yourip1, $yourip2 in /etc/hosts.allow. In addition to this, add the proper iptables rulesets just to make sure the connections get dropped. This is a quick hack, but the iptables command could look something like this:
Code:
iptables -A INPUT -p tcp -s 192.168.1.100 --dport 22 -m state --state NEW -j ACCEPT
 
01-20-2007, 06:08 PM   #3
jeniferchu (Original Poster)

Thanks for the info. I am familiar with Solaris tcp_wrapper/hosts.allow,deny. Linux Suse is new to me. I read the link you sent, but it does not mention anything about how to run sshd to make it work with hosts.allow/deny. Do I have to set up sshd to run in inetd to be able to work with hosts.allow/deny?

In Solaris I add the following line into /etc/inetd.conf:
ssh stream tcp nowait root /usr/sbin/tcpd sshd -i
then add the IPs (192.23.,84.12.) in hosts.allow, then stop/start the inetd daemon, and it works fine. In this case, it allows only IPs starting with 192.23 and 84.12.

In Suse, I tried to do the same but it does not work for me. I am sorry to bother you. I really need help.

What is the format for adding IPs in hosts.allow on Suse?
Do I need to run sshd in /etc/xinetd.conf?

I'm totally lost on this. Thanks for your help.

Jenifer
 
01-21-2007, 01:49 PM   #4
jeniferchu (Original Poster)

Thank you for the help. SuSEfirewall2/Iptables is very complicated. I found out that Suse already used the tcp_wrapper. So I use hosts.allow/deny to block IPs accessing ssh. Thanks again.
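
The ranges from post #1 written out for hosts.allow/hosts.deny and for iptables, as an added example that is not part of any post above; it goes slightly beyond the thread by splitting any start-end range into net/mask blocks, since hosts.allow has no range syntax. It assumes sshd is built with tcp_wrappers support, as post #4 reports for Suse; the function names are made up for this example, and the script only prints the lines and rules without changing anything.

```shell
# Added example, not from the thread. Ranges are the ones asked about in post #1.

# ip_to_int A.B.C.D -> the address as a 32-bit integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the dotted quad into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# range_to_netmasks FIRST LAST -> one net/mask per line covering exactly
# FIRST..LAST, split into aligned power-of-two blocks.
range_to_netmasks() {
    cur=$(ip_to_int "$1"); end=$(ip_to_int "$2")
    while [ "$cur" -le "$end" ]; do
        size=1
        # Double the block while it stays aligned on cur and inside the range.
        while [ $(( $cur % ($size * 2) )) -eq 0 ] &&
              [ $(( $cur + $size * 2 - 1 )) -le "$end" ]; do
            size=$(( $size * 2 ))
        done
        echo "$(int_to_ip "$cur")/$(int_to_ip $(( 4294967296 - $size )))"
        cur=$(( $cur + $size ))
    done
}

# /etc/hosts.allow entry: "187.4." is the prefix form and matches 187.4.*.*
hosts_allow_line() {
    echo "sshd: 187.4." $(range_to_netmasks 192.9.1.0 192.9.1.20)
}

# Printed, not executed: post #2's ACCEPT rule once per source block, then the
# DROP that actually refuses every other new connection to port 22.
ssh_iptables_rules() {
    for src in 187.4.0.0/255.255.0.0 $(range_to_netmasks 192.9.1.0 192.9.1.20); do
        echo "iptables -A INPUT -p tcp -s $src --dport 22 -m state --state NEW -j ACCEPT"
    done
    echo "iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j DROP"
}

echo "# /etc/hosts.deny";  echo "sshd: ALL"
echo "# /etc/hosts.allow"; hosts_allow_line
ssh_iptables_rules
```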
 
  

