Need quick port closing lesson

Bill Johns · 07-08-2005, 02:14 PM

Could anyone give some quick lessons? I don't want anyone accessing my pc from the net. But still allow cookies etc. Need some good suggestions.

Thanks

fouldsy · 07-08-2005, 03:03 PM

something like:

Code:

iptables -a INPUT -i eth0 -j DROP

will simply drop everything coming in. Cookies and such are stored locally and run through your browser so will be fine anyway. Have a read through "man iptables" which lists much more options, as you may want to allow specific traffic from a certain location if you wish to be able to ssh into your machine from another box a home network, for example.

aaa · 07-08-2005, 03:06 PM

iptables -P INPUT DROP
iptables -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT

That should block all outside connections.

Bill Johns · 07-09-2005, 03:24 AM

So to run this at start up do you put it in a script some place? Or are the changes permenant at the command line?
If so how do you return everything to the way it was before the changes?
Don't like to change things with out knowning a recovery from the changes.

/bin/bash · 07-09-2005, 03:36 AM

You may already have a firewall script running, to find out type this as root:
iptables -L

Usually you will have a script e.g. /etc/rc.d/init.d/rc.firewall which is started each time you boot. I don't know if Caldera uses the SysV init scripts or not, but if so then there will be run-level directories which have symlinks to the startup scripts e.g.
/etc/rc.d/rc5.d/S99firewall -> /etc/rc.d/init.d/rc.firewall

Krugger · 07-09-2005, 02:49 PM

If you want to close the ports by not running the default servers you should do:

netstat -ap | more

See what are the names of the processes that are using the ports and then remove the services from you inicialization.

or

you can use the above tips on reconfiguring your firewall.

fouldsy · 07-09-2005, 03:08 PM

Bill - the changes to iptables will be lost when you reboot. To save them, use

Code:

iptables-save > /etc/myfirewall

then create a little bootscript that issues

Code:

iptables-restore < /etc/myfirewall

.

If you want to remove your changes whilst the system is running,

Code:

iptables -F

flushes all iptable rules. Check out "man iptables" for full info on saving, restoring and flushing iptables.

Bill Johns · 07-11-2005, 12:21 AM

Well I did as you said.

iptables -a INPUT -i eth0 -j DROP

It didn't like the small -a so I made it a -A

It would not browse in Konqueror.

I want to be able to do the browser deal. But don't want some one or ? invading my PC.

It looks like all the samples given here block everything.

Capt_Caveman · 07-11-2005, 12:47 AM

If you drop all incoming packets, then you won't be able to receive any replies to your outgoing traffic. You need something more like this as a start:

Quote:

Originally posted by aaa
iptables -P INPUT DROP
iptables -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT

That should block all outside connections.

Note that one of those rules is setting the default policy using -P (in red) and not an actual rule in the chain (-A), so make sure to enter those exactly as listed in aaa's post. Also take a look at the following guide as it will give you some basics on iptables and the various options:

http://iptables-tutorial.frozentux.n...-tutorial.html