LinuxQuestions.org
Old 08-01-2005, 06:17 PM   #1
tumbelo
Member
 
Registered: Mar 2005
Distribution: Suse 9.3, Kubuntu Hoary, Slackware 10.1
Posts: 66

Rep: Reputation: 15
Per-program packet filtering with iptables?


Is it possible? Currently I have opened the ports which I want to be accessible from outside when using certain apps. But then the ports are responding (i.e. rejecting packets) all the time instead of dropping incoming packets when I have nothing listening to the ports. I don't know if it even matters but it's puzzled me for a while.

The iptables man pages are too much jargon, I'll never find the answer there considering I couldn't figure out how to set up basic port filtering by reading them.
 
Old 08-01-2005, 10:53 PM   #2
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
Re: Per-program packet filtering with iptables?

Quote:
Originally posted by tumbelo
Is it possible? Currently I have opened the ports which I want to be accessible from outside when using certain apps. But then the ports are responding (i.e. rejecting packets) all the time instead of dropping incoming packets when I have nothing listening to the ports. I don't know if it even matters but it's puzzled me for a while.
What are you trying to do?
If you mean "opened" == "no firewall rules drop these packets (neither explicitly nor implicitly)", then the OS will respond with:
1- a reply if there's a port listening (this is what we call "opened")
2- a reject packet if the port is "closed"
Perhaps you may want a wrapper script which adds firewall rules that permit these ports when you exec these apps (assuming your firewall is in drop-all-by-default mode), and deletes them at program termination.
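
A sketch of the wrapper script suggested in the reply above, as an added example that is not part of the original thread. It assumes the INPUT chain policy is DROP; the names `with_ports`, `port_rule`, `with_ports.sh` and `someapp` are hypothetical, and the `IPTABLES` variable is an added hook for dry runs.

```shell
#!/bin/sh
# Added example: open ports only while a program runs (needs root for real use).
# Assumes the INPUT policy is DROP, so a port with no ACCEPT rule stays silent.
# IPTABLES may point at a stub for a dry run; the default is the real binary.
IPTABLES=${IPTABLES:-iptables}

# port_rule ACTION PROTO/PORT   (ACTION: -I to insert, -D to delete)
# Insert and delete share one rule text, so -D removes exactly what -I added.
port_rule() {
    proto=${2%/*}; port=${2#*/}
    case $proto in tcp|udp) ;; *) echo "bad protocol: $2" >&2; return 2 ;; esac
    case $port in ''|*[!0-9]*) echo "bad port: $2" >&2; return 2 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $2" >&2; return 2; }
    "$IPTABLES" "$1" INPUT -p "$proto" --dport "$port" -j ACCEPT
}

# with_ports PROTO/PORT... -- COMMAND [ARGS...]
with_ports() {
    specs=""
    while [ $# -gt 0 ] && [ "$1" != "--" ]; do specs="$specs $1"; shift; done
    [ $# -ge 2 ] || { echo "usage: with_ports proto/port... -- command [args]" >&2; return 2; }
    shift
    opened=""; status=0
    # A no-op handler keeps this shell alive on Ctrl-C so cleanup still runs;
    # the child program keeps the default signal behaviour and exits as usual.
    trap : INT TERM
    for s in $specs; do
        if port_rule -I "$s"; then opened="$s $opened"; else status=$?; break; fi
    done
    # Run the program only if every rule went in; "||" keeps "set -e" callers
    # from aborting before the rules are removed.
    if [ "$status" -eq 0 ]; then "$@" || status=$?; fi
    for s in $opened; do
        port_rule -D "$s" || echo "warning: rule for $s not removed" >&2
    done
    trap - INT TERM
    return "$status"
}

# Script entry point, e.g.:  sudo ./with_ports.sh tcp/6881 udp/6881 -- someapp
[ $# -eq 0 ] || with_ports "$@"
```

While the program runs, the ACCEPT rule applies to anything listening on that port, not only to the wrapped program; the filtering is per-port for the program's lifetime rather than per-process.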
 
  


All times are GMT -5. The time now is 11:50 PM.
