-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 10 September 2003 10:20, Alfredo Rezinovsky wrote: > > Un ejemplo de como cerrar los puertos a internet: > > > > iptables -P INPUT DROP > > iptables -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT > > iptables -A INPUT -m state --state NEW -i ! interfaz_de_internet -j > > ACCEPT > > Un consejo. > > La policies siempre deberian ir en ACCEPT y como ultima regla un DROP o > REJECT. > > iptables -P INPUT ACCEPT > iptables -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT > iptables -A INPUT -m state --state NEW -i ! interfaz_de_internet -j ACCEPT > iptables -A INPUT -j DROP
Pongamos RANDOM rejects rules :-D :-D usen la guia de rusty para el filtrado simple... # iptables -N block # iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT # iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT # iptables -A block -j DROP # iptables -A INPUT -j block # iptables -A FORWARD -j block dale que va!! DROP DEFAULT!! DROP DEFAULT!! STATE FULL!! Y si haces flush con un drop como politica por default JODETE! :-D - -Jx - -- Jos� Luis Diaz - [EMAIL PROTECTED] /"\ ASCII Ribbon Campaign GNU/Linux Registered User #138499 \ / No HTML in mail or news! RTFM! - http://rtfm.org.ar X "Kernel Panic - No signature found" / \ - -- PGPkey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7BCD2757 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/X1R6M4NSjXvNJ1cRAjU8AJwPkyM89WAbo6it4/JIgkvav2jyaQCcDMzE 7TaXnxomwbmElhWrRMgxPVQ= =sC48 -----END PGP SIGNATURE----- _______________________________________________ Lugro mailing list [EMAIL PROTECTED] http://www.lugro.org.ar/mailman/listinfo/lugro
