On Mon, 24 Dec 2001 19:20:54 -0700 Lee Roberts <[EMAIL PROTECTED]> studiously spake these words to ponder:
> At 04:23 PM 12/24/2001 -0500, Mark Weaver wrote:
> >
> >The ports that get opened and closed, whatever the case/need may be, is done
> >primarily in the bastille-firewall.cfg file. It's within config block #3
> >that this happens and on these lines:
> >
> >TCP_PUBLIC_SERVICES="22 20 21 25 80 443 53 109 110 119 143 3306"  # MINIMAL/SAFEST
> >UDP_PUBLIC_SERVICES="53"  # MINIMAL/SAFEST
> >TCP_INTERNAL_SERVICES="22 20 21 25 80 443 53 109 110 119 143 3306 8000"  # MINIMAL/SAFEST
> >UDP_INTERNAL_SERVICES=""
>
> This doesn't work as you indicate. I did not open TCP port 53 to the public
> but sygattech.com showed it open. Later in the configuration, I had the
> opportunity to specify that it should be blocked and that did the trick.
> But, some UDP ports that I specified to be blocked still didn't get
> blocked. So, I'll have to modify the iptables rules in order to block those
> ports. My time is limited so I usually rely on others to provide
> installation scripts.
Lee,
If you want to block a port altogether from everywhere, then the rule that will do
that is this:
iptables -A INPUT -p tcp -s 0/0 --dport <port#> -j DROP
iptables -A INPUT -p udp -s 0/0 --dport <port#> -j DROP
There's a small script with ruleset examples in it that I use to add extra rules to the
stock bastille-firewall.
--
daRcmaTTeR
---------------------------------------------------------------------
If at first you don't succeed do what your wife told you to do
the first time!
Registered Linux User 182496
Mandrake 8.1
---------------------------------------------------------------------
9:05am up 9 days, 54 min, 2 users, load average: 0.18, 0.65, 0.41
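The check discussed in this thread, as an added example that is not part of either poster's message or of Bastille: it reads the declared port list from a Bastille-style config, compares it with the ports an outside scan reported open, and prints the DROP rules from the reply above for every port that was never declared. The function names, the sample config and the scan result are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: a Bastille-style config fragment (values are illustrative).
sample_cfg() {
cat <<'EOF'
TCP_PUBLIC_SERVICES="22 25 80 443"    # MINIMAL/SAFEST
UDP_PUBLIC_SERVICES=""                # MINIMAL/SAFEST
EOF
}

# cfg_ports VAR: read a config on stdin, print the port list assigned to VAR.
# If VAR is assigned more than once, the last assignment wins, as in the shell.
cfg_ports() {
    sed -n "s/^[[:space:]]*$1=\"\([^\"]*\)\".*/\1/p" | tail -n 1
}

# undeclared DECLARED OBSERVED: print the observed ports missing from DECLARED.
undeclared() {
    out=""
    for p in $2; do
        case " $1 " in
            *" $p "*) ;;              # declared in the config, nothing to report
            *) out="$out $p" ;;       # open from outside but never declared
        esac
    done
    echo $out
}

# drop_rules PROTO PORTS: print (do not run) one DROP rule per valid port.
drop_rules() {
    for p in $2; do
        case "$p" in
            ''|*[!0-9]*) echo "skipping invalid port: $p" >&2; continue ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] ||
            { echo "skipping out-of-range port: $p" >&2; continue; }
        echo "iptables -A INPUT -p $1 -s 0/0 --dport $p -j DROP"
    done
}

# Constructed scan result: TCP ports an outside scan reported as open.
tcp_seen="22 53 80"
tcp_declared=$(sample_cfg | cfg_ports TCP_PUBLIC_SERVICES)
drop_rules tcp "$(undeclared "$tcp_declared" "$tcp_seen")"
```

Rules are matched in order and `-A` appends to the end of the chain, so a printed rule only takes effect if no earlier rule already accepts that port; review the output against `iptables -L INPUT -n --line-numbers` before applying it.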
