Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=xfcetesting.git;a=commitdiff;h=02fc7cc2c1b04328979b7f0f323dbb36dd1c2824

commit 02fc7cc2c1b04328979b7f0f323dbb36dd1c2824
Author: Krisztian VASAS <i...@frugalware.org>
Date:   Tue Jan 4 18:36:27 2011 +0100

iptables-1.4.10-2-i386
- reworked firewall script

diff --git a/source/network/iptables/firewall b/source/network/iptables/firewall
index 917eb22..8516333 100644
--- a/source/network/iptables/firewall
+++ b/source/network/iptables/firewall
@@ -4,50 +4,53 @@
#
# Generated by iptables-save v1.2.11 on Thu Aug 19 01:47:13 2004
*filter
-:INPUT DROP [1956:130146]
+:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [972602:1376127870]
+:OUTPUT ACCEPT [0:0]
# don't drop certain icmp types
-A INPUT -p icmp --icmp-type 0 -j ACCEPT
-A INPUT -p icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp --icmp-type 11 -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# uncomment this to reply to ping
#-A INPUT -p icmp --icmp-type 8 -m limit --limit 1/second -j ACCEPT
# ftp
#-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
# ssh
#-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-# smtp
-#-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
# dns
#-A INPUT -p udp -m udp --dport 53 -j ACCEPT
#-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
# http
#-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
+# https
+#-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
+# smtp
+#-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
+# smtp over ssl
+#-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
# pop3
#-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
+# pop3s
+#-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
+# imap
+#-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
+# imaps
+#-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
# identd
#-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
# samba
#-A INPUT -p udp -m multiport --dport 137,138 -j ACCEPT
#-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
-# imap
-#-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-# https
-#-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 445 -j ACCEPT
# rsync
#-A INPUT -p tcp -m tcp --dport 873 -j ACCEPT
-# imaps
-#-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-# pop3s
-#-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
# mysql
#-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
# distccd
#-A INPUT -p tcp -m tcp --dport 3632 -j ACCEPT
# avahi
#-A INPUT -p udp -m udp --dport 5353 -j ACCEPT
--A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -i lo -j ACCEPT
COMMIT
# Completed on Thu Aug 19 01:47:13 2004
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to