> I'll try using iptables.
> What if I want to deny & log all incoming traffic to my eth0 and only
> allow specific port connections like smtp, http, ssh and imap? How do I
> specify port?

iptables -A INPUT -i lo -j ACCEPT
# Let packets of already-established connections through; the --syn rules
# below match only the opening packet of each connection.
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# ssh (22), http (80) and imap (143)
iptables -A INPUT -i eth0 -p tcp --syn --dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --syn --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --syn --dport 143 -j ACCEPT
# Log, then drop, everything else arriving on eth0 (iptables uses DROP, not DENY)
iptables -A INPUT -i eth0 -j LOG --log-level <number> --log-prefix='[DENIED]: '
iptables -A INPUT -i eth0 -j DROP

For log level, the number corresponds with syslog loglevel. The prefix is to
simply add a "[DENIED]: " string in your syslog messages. Take note that this
can increase your syslog messages significantly, especially if there are
numerous attempts to your system.

=======================
Gino LV. Ledesma
Campus Network Group
Ateneo de Manila University
http://cng.ateneo.net/
