On Tue, 26 Aug 2003, Vlad Radu wrote:
> in cazul in care vreau sa filtrez cu iptables http si https e de ajuns sa
> fac asa :
>
> iptables -A INPUT -p tcp --dport 80 -s 192.168.0.0/255.255.255.0 -j ACCEPT
> si iptables -A INPUT -p tcp --dport 80 -j DROP
Nu, pentru ca ziceai si httpd.
iptables -A INPUT -p tcp -m multiport --dport 80,443 -s 192.168.0.0/255.255.255.0 -j
ACCEPT
iptables -A INPUT -p tcp -m multiport --dport 80,443 -j DROP
> si daca fac asa va mai fi accesibil web-ul din afara ?
iptables -I INPUT -i ethAFARA -p tcp -m multiport --dport 80,443
-j ACCEPT && echo sanatate
...unde ethAFARA e evident, interfata ethernet (sau daca e cazul
atunci alta, pppX, etc) spre reteaua providerului.
--
Any views or opinions presented within this e-mail are solely those of
the author and do not necessarily represent those of any company, unless
otherwise expressly stated.
---
Detalii despre listele noastre de mail: http://www.lug.ro/
