On Tuesday 25 December 2001 07:38 am, you wrote:
> On Mon, 24 Dec 2001 19:20:54 -0700
> Lee Roberts <[EMAIL PROTECTED]> studiously spake these words to ponder:
> > At 04:23 PM 12/24/2001 -0500, Mark Weaver wrote:
> > >The ports that get opened and closed whatever the case/need may be is
> > > done primarily in the bastille-firewall.cfg file. It's within config
> > > block #3 that this happens and on these lines:
> > >
> > >TCP_PUBLIC_SERVICES="22 20 21 25 80 443 53 109 110 119 143 3306"
> > > MINIMAL/SAFEST
> > >UDP_PUBLIC_SERVICES="53" MINIMAL/SAFEST
> > >TCP_INTERNAL_SERVICES="22 20 21 25 80 443 53 109 110 119 143 3306 8000"
> > > MINIMAL/SAFEST
> > >UDP_INTERNAL_SERVICES=""
> >
> > This doesn't work as you indicate. I did not open TCP port 53 to the
> > public but sygattech.com showed it open. Later in the configuration, I had
> > the opportunity to specify that it should be blocked and that did the
> > trick. But, some UDP ports that I specified to be blocked still didn't
> > get blocked. So, I'll have to modify the iptables rules in order to block
> > those ports. My time is limited so I usually rely on others to provide
> > installation scripts.
>
> Lee,
>
> If you want to block a port altogether from everywhere, then the rule
> that will do that is this:
>
> iptables -A INPUT -p tcp -s 0/0 --dport <port#> -j DROP
> iptables -A INPUT -p udp -s 0/0 --dport <port#> -j DROP
>
> There's a small script with ruleset examples in it that I use to add extra
> rules to the stock bastille-firewall.
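
The mismatch described in the thread (a port an outside scan shows open although it was never listed in TCP_PUBLIC_SERVICES) can be checked mechanically; the script below is an added example, not code from the thread or from Bastille. It parses the declared lists from a bastille-firewall.cfg-style fragment, compares them with the ports a scan reported, and prints DROP rules for the difference. The function names, sample config and scan results are constructed, and it prints `-I` rules rather than the thread's `-A` so the DROP is evaluated before any ACCEPT already in the chain.

```shell
#!/bin/sh
# Added example (not from the thread): find ports an outside scan saw open
# that the Bastille-style config never declared public, and print DROP rules.

# cfg_ports VAR: read a bastille-firewall.cfg-style file on stdin and print
# the port list assigned to VAR. The file is parsed, never sourced/executed.
cfg_ports() {
    sed -n "s/^$1=\"\([0-9 ]*\)\".*/\1/p" | tail -n 1
}

# unexpected_ports DECLARED OBSERVED: print the ports in OBSERVED that are
# missing from DECLARED (space-separated, whole-token match so 2 != 22).
unexpected_ports() {
    out=""
    for p in $2; do
        case " $1 " in
            *" $p "*) ;;                  # declared public: expected
            *) out="${out:+$out }$p" ;;   # reachable but never declared
        esac
    done
    printf '%s\n' "$out"
}

# drop_rules PROTO PORTS: print (never run) one DROP rule per valid port.
# "-s 0/0" (any source) is the iptables default, so it is left out.
drop_rules() {
    for p in $2; do
        case "$p" in
            ''|*[!0-9]*) echo "skip: bad port '$p'" >&2; continue ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "skip: $p" >&2; continue; }
        printf 'iptables -I INPUT -p %s --dport %s -j DROP\n' "$1" "$p"
    done
}

# audit PROTO VAR OBSERVED: config on stdin -> DROP rules on stdout.
audit() {
    declared=$(cfg_ports "$2")
    drop_rules "$1" "$(unexpected_ports "$declared" "$3")"
}

# Constructed sample input: a config fragment and scan results per protocol.
SAMPLE_CFG='TCP_PUBLIC_SERVICES="22 25 80 443"
UDP_PUBLIC_SERVICES=""'

printf '%s\n' "$SAMPLE_CFG" | audit tcp TCP_PUBLIC_SERVICES "22 53 80"
printf '%s\n' "$SAMPLE_CFG" | audit udp UDP_PUBLIC_SERVICES "53 111"
```

Review the printed rules before applying them, and re-run the outside scan afterwards to confirm the ports are closed.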
