yup i used this one... even used these
ipchains -A forward -p tcp -s 0/0 -d 0/0 6661:7000 -j DENY
ipchains -A output -p tcp -s 0/0 -d 0/0 6661:7000 -j DENY
ipchains -A input -p tcp -s 0/0 -d 0/0 6661:7000 -j DENY
and as i said, it works for linux boxes but windoze boxes seem to
tunnel through my firewall and a portscan on the windoze box shows only
the netbios port and it doesn't seem to register on netstat...
any ideas
On Wed, 11
Apr 2001, Horatio B. Bogbindero wrote:
>
> ipchains -A forward -p tcp -s 0/0 -d 0/0 6661:7000 -j MASQ
>
> On Tue, 10 Apr 2001, Holgado, Pedro wrote:
>
> > Check out the LDP for IPCHAINS, the URL is
>http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
> > I found lists of IRC ports that you can block.
> >
> > [CISCO]
> > ! deny's IRC by filtering packets on IRC ports.
> > deny tcp any any eq 6661
> > deny tcp any any eq 6662
> > deny tcp any any eq 6663
> > deny tcp any any eq 6664
> > deny tcp any any eq 6665
> > deny tcp any any eq 6666
> > deny tcp any any eq 6667
> > deny tcp any any eq 6668
> > deny tcp any any eq 6669
> > deny tcp any any eq 6670
> > deny tcp any any eq 7000
> > deny tcp any any eq 124
> > deny tcp any any eq 529
> > deny tcp any any eq 6671
> > deny tcp any any eq 6673
> > deny tcp any any eq 6675
> > ! end deny IRC
> >
> > This command is from cisco though but it might help you !
> >
> > Hopes this helps !
> >
> > -----Original Message-----
> > From: Victor Michael Blancas [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, April 10, 2001 3:03 AM
> > To: [EMAIL PROTECTED]
> > Subject: [plug] ipchains
> >
> >
> > I have a linux router/firewall/gateway. Anybody know how to block MIRC
> > and other ports using ipchains. I was able to block the port for other
> > linux machines using the box as server. But for windows machine using the
> > box as gateway, they still can connect to IRC. I did a netstat and ip of
> > the windows machine is not registering. I also did a portscan on the
> > windows machine and only netbios is open. Anybody have an idea on how to
> > do it on windows boxes.
> >
> > --
> > Mike
> >
> > _
> > Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
> >
> > To subscribe to the Linux Newbies' List: send "subscribe" in the body to
>[EMAIL PROTECTED]
> > _
> > Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
> >
> > To subscribe to the Linux Newbies' List: send "subscribe" in the body to
>[EMAIL PROTECTED]
> >
>
>
> --------------------------------------
> William Emmanuel S. Yu
> Ateneo Cervini-Eliazo Networks (ACENT)
> email : [EMAIL PROTECTED]
> web : http://cersa.admu.edu.ph/
> phone : 63(2)4266001-5925/5904
>
> Perhaps no person can be a poet, or even enjoy poetry without a certain
> unsoundness of mind.
> -- Thomas Macaulay
>
>
>
> _
> Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
>
> To subscribe to the Linux Newbies' List: send "subscribe" in the body to
>[EMAIL PROTECTED]
>
--
Mike
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
