Hi,

I'm trying to write a firewall with iptables under Oscar/CentOS 5.5.
Is there anybody here who could/would help me?
Here is the state where I am:

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [24392:5034163]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
#
#
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH --rsource -j LOG --log-prefix "SSH_brute_force "
-A INPUT -p tcp -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH --rsource -j DROP
#
#
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
#
# begin: allowed networks
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.255.0 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.100.0/255.255.255.0 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.200.0/255.255.255.0 -j ACCEPT
-A RH-Firewall-1-INPUT -s 139.11.215.0/255.255.128.0 -j ACCEPT
-A RH-Firewall-1-INPUT -s 139.11.0.0/255.255.0.0 -j ACCEPT
-A RH-Firewall-1-INPUT -s 139.11.6.50 -j ACCEPT
-A RH-Firewall-1-INPUT -s 139.11.107.210 -j ACCEPT
-A RH-Firewall-1-INPUT -s 213.198.55.2 -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -j LOG
-A RH-Firewall-1-INPUT -j DROP
COMMIT


Is it possible to do better?
Thx a lot
GiGGz
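
Added example, not part of the original post: iptables walks a chain top to bottom and stops at the first rule that gives a verdict, so any rule placed after an unconditional ACCEPT/DROP/REJECT (or after an unconditional jump into a chain that always ends in one) is never evaluated. The Python sketch below flags such rules in iptables-save text; the function names are hypothetical, the sample is a condensed copy of the rules above, and it assumes only `-A` rules with a `-j` target.

```python
import shlex

TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # built-in targets that end traversal
# Constructed sample: rules condensed from the post (table header, COMMIT omitted).
SAMPLE = """\
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH --rsource -j DROP
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -j LOG
-A RH-Firewall-1-INPUT -j DROP
"""

def parse(text):
    """Map chain name -> [(rule line, is_unconditional, target), ...]."""
    chains = {}
    for line in map(str.strip, text.splitlines()):
        if line.startswith(":"):
            chains.setdefault(line[1:].split()[0], [])
        elif line.startswith("-A ") and " -j " in line:
            tok = shlex.split(line)
            j = tok.index("-j")  # no match options when -j follows the chain name
            chains.setdefault(tok[1], []).append((line, j == 2, tok[j + 1]))
    return chains

def ends(chains, target, seen=()):
    """True if an unconditional jump to `target` always yields a verdict."""
    if target in TERMINAL:
        return True
    if target in seen:  # guard against chain loops in a hand-edited file
        return False
    for _, uncond, nxt in chains.get(target, []):
        # An unconditional RETURN hands the packet back to the calling chain.
        if uncond and (nxt == "RETURN" or ends(chains, nxt, seen + (target,))):
            return nxt != "RETURN"
    return False

def unreachable(text):
    """List rules placed after an unconditional, always-terminating rule."""
    chains, dead = parse(text), []
    for rules in chains.values():
        cut = False
        for line, uncond, target in rules:
            if cut:
                dead.append(line)
            cut = cut or (uncond and ends(chains, target))
    return dead
```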

_______________________________________________
Oscar-users mailing list
Oscar-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/oscar-users