Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 07-17-2004, 07:18 PM   #1
Registered: Oct 2002
Distribution: Debian 6.0.2 (squeeze)
Posts: 944

Rep: Reputation: 30
Question Opening up system (gaim and direct connect)

As mentioned in a previous thread, I followed the directions at to basically deny all external connections. Now I see that I'm going to have to slowly open up my system to allow some normal things to function. I haven't noticed anything major yet, but I do see that I can't use gaim to send files or use the "Direct Connection" option with the AIM protocol. What do I need to do to allow this, and what potential risks does it allowing it involve?
Old 07-17-2004, 11:05 PM   #2
Senior Member
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 49
can you post your iptable rules..

The simplest iptable rules will be to allow everything out and only the return traffic inside.

iptables -A INPUT -i <external interface> -j ACCEPT -m state --state RELATED,ESTABLISHED
Old 07-17-2004, 11:13 PM   #3
Registered: Oct 2002
Distribution: Debian 6.0.2 (squeeze)
Posts: 944

Original Poster
Rep: Reputation: 30
My iptables are set up exactly as that site recommended (excluding the ssh bit). That is:


# rc.firewall for
# Basic Slackware Security

# These two rules set the default policies, i.e. what to do if a
# packet doesn't match any other rule, to drop any packet coming
# into (INPUT) or routing through (FORWARD) the box.
iptables -P INPUT DROP
iptables -P FORWARD DROP

# These rules are added (-A) to the INPUT chain.  They allow packets
# from any previously established connections and accept anything
# from the loopback interface.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s -d -i lo -j ACCEPT
I really don't know much at this point about security/ports/firewall/iptables, especially as related to Linux. However, it sounds like a good idea to start with everything denied and slowly open things up as I need them. My question is, after following the advice given by the site above, how can I now allow AIM direct connections, and will doing that open up anything else that I don't want to be open?


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
direct connect greenthing Linux - Software 1 03-07-2005 05:30 AM
GAIM - Direct Connect syntaxerror64 Linux - Software 1 12-08-2004 11:01 AM
Direct Connect mikedeatworld Linux - Software 0 06-08-2004 09:04 AM
Problems with GAIM Direct Connection. nocuousseraphim Linux - Software 1 05-27-2004 07:26 PM
Opening links with gaim Minderbinder Linux - Software 2 02-13-2004 07:04 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:41 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration