On Thu, Aug 19, 1999 at 07:26:28PM -0400, Paul Miller wrote:
>
> How can I disable ports 515 and 6000 on my external ethernet adaptor? --
> I'm ip masquerading an internal network and I only want those services
> running on the internal network.
>
> Thanks
> -Paul
>
I guess, if the external nic is eth1,
ipchains -I input 1 -i eth1 -p tcp --sport 515 -j DENY
ipchains -I input 1 -i eth1 -p tcp --sport 6000 -j DENY
no?
Or if ur internal net is 192.168.1.0/24,
ipchains -I input 1 -p tcp -s ! 192.168.1.0/24 515 -j DENY
should work too.Cant try this now, but from the doc that should be the way (ipchains(8)). If ur using ipfwadm i dunno. -Lex
pgpuvqZb8FTt2.pgp
Description: PGP signature
