make use of the -i <interface> options:
where:
n = number of NIC.
<interface> = lo, eth0, eth1...or ethn
ipchains -A input -s 0/0 -i ethn -d 0/0 21 -p tcp -y -j REJECT
then that would be it.
janjan
------------------------------------
Gene Frederick F. Boniel
Manager - Network Operation Center
Virtual Communications, Inc.
Rm. 202 K&J Bldg. Llorente St.
Brgy. Capitol Site, Cebu City
Philippines 6000
E-mail : [EMAIL PROTECTED]
Mobile : +63 916 3423122
Office : +63 032 2541954
On Fri, 15 Feb 2002, Manny Popes wrote:
> Hmmm additional question, what if he has two NIC like eth0 and eth1... :)
>
> Gene Frederick Boniel wrote:
>
> > oninz,
> > � try setting you firewall like this:
> >
> > where:
> > -s� = source
> > -d� = destination
> >
> > # for your FTP
> > ipchains -A input -s 0/0 -d 0/0 21 -p tcp -y -j REJECT
> >
> > � just make sure you know the protocols run by each
> > services you wanted to block. eg, port 53 (domain) its running both tcp
> > and udp protocols.
> >
> > janjan
> > ------------------------------------
> > Gene Frederick F. Boniel
> > Manager - Network Operation Center
> > Virtual Communications, Inc.
> > Rm. 202 K&J Bldg. Llorente St.
> > Brgy. Capitol Site, Cebu City
> > Philippines 6000
> >
> > E-mail: [EMAIL PROTECTED]
> > Mobile: +63 916 3423122
> > Office: +63 032 2541954
> >
> > On Fri, 15 Feb 2002, Alinmar Umlas wrote:
> >
> > > Brothers,
> > >����� I set my own rule of firewall using ipchains, I try to issue my own
> > > rules with this line...
> > >��� ipchains -F
> > >��� ipchains -A input -s mynetwork/subnet -p TCP ACCEPT
> > >��� ipchains -A input -s 0/0 -p TCP DENY
> > >
> > > I know somethings wrong w/ my rules, how can i Deny only the port like
> > > (telnet or ftp) using ipchains?, the thing is, only the port 53, 21,22 that
> > > i just want to filtered out, how can i do this things without affecting
> > > others port using TCP protocol?
> > >
> > > oninz <--{^0^}
> > >
> > >
> > >
> > >
> > > -----------------------------------------
> > > This email was sent using SquirrelMail.
> > >��� "Webmail for nuts!"
> > > http://squirrelmail.org/
> > >
> > >
> > > _
> > > Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> > > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
> > >
> > > To subscribe to the Linux Newbies' List: send "subscribe" in the body to
>[EMAIL PROTECTED]
> > >
> >
> > _
> > Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
> >
> > To subscribe to the Linux Newbies' List: send "subscribe" in the body to
>[EMAIL PROTECTED]
>
> --
> Manny Popes
> Asst. IT Manager - System Administration
> GeoLogistics Inc.
>
> T: 852-70-31 loc 164
> E: [EMAIL PROTECTED]
>
> Please visit our website: http://www.geo-logistics.com
>
> LEGAL DISCLAIMER:
>
> "This message may contain privilege/confidential information intended for the
>addressees above.� If you are not the
> intended recipient, you must not disclose, distribute or use the information. The
>unauthorized disclosure, distribution
> or usage of such information wrongly received by the unintended recipient which may
>prejudice GeoLogistics, Inc. will be
> meted out with the proper civil/criminal action as may be provided by law. In such
>case, you should destroy this message
> and kindly notify the sender by reply mail."
>
> "Any views expressed in this message are those of the individual sender and may not
>necessarily reflect the views of
> GeoLogistics, Inc."
> �
>
> _
> Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
>
> To subscribe to the Linux Newbies' List: send "subscribe" in the body to
>[EMAIL PROTECTED]
>
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
