Re: [Vietlug] Khoa ADSL bang tay

Thu, 30 Sep 2004 08:29:30 -0700 

On 7:09:38 pm 09/29/04 hypoj <[EMAIL PROTECTED]> wrote:
> Chuong Dao wrote:
>
> >  Larry's script co' la`m mo^.t trick nho? cho connections dda~
> >  ddu+o+.c ESTABLISHED/RELATED. Scrit na`y se~ cho phe'p INPUT vo+'i
> >  ddie^`u kie^.n la` ba'c initiated the connection. Ho+i ra('c ro^'i
> >  ti' (iptables howto on ESTABLISHED/RELATED).
>
> Ba'c co' the^? gia?ng gia?i chi tie^'t ho+n ve^` ca'i trick na`y
> kho^ng?   hay la` ba'c co' ca'i link na`o de^~ hie^?u ba'c qua(ng cho
> mo^.t ca'i vo+'i.
> --
> hypoj
> Microsoft is not the answer, it is the question. The answer is NO!!!
>
>

Hi hypoj,

Ne^'u ba.n xem la.i ca'i script, default policy cho INPUT la` DROP. CO'
nghi~a la` khi ba.n mo+? web browser ra va` go~ va`o 
http://search.yahoo.com/search?ei=UTF-8&fr=sfp&p=Explanation+of+ESTABLISHED%2C+RELATED+in+iptables
thi` tha^'y ca'i browser no' cu+' ddu+'ng im kho^ng nhu'c nhi'ch hay bi.
bao' la` Host not found. Ta.i sao vay? Vi` khi ba.n ddi ra ngoa`i, tu+'c
la` ba.n vu+`a mo+? mo^.t NEW connection, khi search.yahoo.com no' tra?
lo+`i la.i nhu+ng no' bi. iptables cu?a ba.n no'i hmmm, tao kho^ng cho ma`y
va`o (iptables -P INPUT DROP). Do ddo' mi`nh ca^`n mo^.t ca'i rule dde^?
cho ta^'t ca? ca'c connections na`o tra? lo+`i mo^.t connection dda~ co'
sa(~n (ESTABLISHED) do tu+` ba.n ba('t dda^`u hay la` mo^.t NEW connection
nhu+ng dde^? tra? lo+`i mo^.t ca'i co' sa(~n (RELATED) cu~ng do tu+` ba.n
ba('t dda^`u.

Ba.n ne^n do.c the^m TCP/IP. DDo.c ta`i lie^.u ve^` firewall kho^ng cu~ng
kho^ng tha^'m, pha?i la`m luo^n thi` mo+'i nho+'/hie^?u to^'t ho+n.


-Larry

http://www.nhÃmlinux.net




-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
VietLUG-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/vietlug-users

Trả lời cho