Am fost bagat de cei da la http://openrbl.org in black list-ul lor. De ce? Pt. ca am open proxy. Da oare de ce draq nu tine iptables cont de regulile urmatoare? iptables -A FORWARD -s ! 192.168.0.0/32 -d ! 192.168.0.1 -p tcp --dport 3128 -j DROP iptables -A INPUT -i eth0 -p tcp --dport 3128 -j DROP iptables -A INPUT -i eth0 -p tcp --sport 3128 -j DROP iptables -A FORWARD -i eth0 -p tcp --dport 3128 -j DROP iptables -A FORWARD -i eth0 -p tcp --sport 3128 -j DROP iptables -A OUTPUT -o eth0 -p tcp --sport 3128 -j DROP [EMAIL PROTECTED] root]# nmap -sT -P0T adresa_IP_externa
Starting nmap 3.30 ( http://www.insecure.org/nmap/ ) at 2004-02-26 16:57 EET Interesting ports on Mandrake (adresa_IP_externa): (The 1629 ports scanned but not shown below are in state: closed) Port State Service 22/tcp open ssh 23/tcp open telnet 25/tcp open smtp 53/tcp open domain 80/tcp open http 110/tcp open pop-3 111/tcp open sunrpc 139/tcp open netbios-ssn 199/tcp open smux 443/tcp open https 3000/tcp open ppp 3128/tcp open squid-http 3306/tcp open mysql 6000/tcp open X11 10000/tcp open snet-sensor-mgmt Nmap run completed -- 1 IP address (1 host up) scanned in 0.120 seconds In plus, mai am ca regula: #cereri catre sshd local $IPT -A INPUT -p tcp -i $EXTERNAL_INTERFACE --dport 22 -j DROP $IPT -A INPUT -p tcp -i $EXTERNAL_INTERFACE --sport 22 -j DROP $IPT -A OUTPUT -p tcp -o $EXTERNAL_INTERFACE --sport 22 -j DROP $IPT -A OUTPUT -p tcp -o $EXTERNAL_INTERFACE --dport 22 -j DROP La fel si la portul 23 De ce mama naibii nu-mi inchide porturile astea? Am Mandrake 9.2. Multumesc! --- Detalii despre listele noastre de mail: http://www.lug.ro/
