Re: blocking ports
On 13 Jul 2000, at 10:01, Seth Vidal wrote:
> > #ipchains -A input -p tcp -s 0/0 -d myip 515 -j DENY
> > doesn't work
> > cause the policy is ACCEPT (I think)
> > and changing it to DENY causes problems for ssh, ftp, etc.
> the default rule does not affect this at all.
> This is an explicit rule.
> do an ipchains -nL
> show all your rules.
> output them here.
Chain input (policy ACCEPT):
target prot opt source destination ports
DENY tcp ------ 0.0.0.0/0 myip * -> 111
DENY tcp ------ 0.0.0.0/0 myip * -> 515
Chain forward (policy DENY):
target prot opt source destination ports
MASQ all ------ 192.168.0.0/24 0.0.0.0/0 n/a
Chain output (policy ACCEPT):
target prot opt source destination ports
>
> > # rpcinfo -p
> > program vers proto port
> > 100000 2 tcp 111 portmapper
> > 100000 2 udp 111 portmapper
> > 545580417 1 udp 1000 ugidd
> > 545580417 1 tcp 1002 ugidd
>
> ok portmapper is running but nfs/mountd aren't registered w/it.
>
> did you shutdown portmap AFTER running nfsd/mountd and then restarted it?
I don't know... it was started when I booted my machine
>
> kill and restart nfsd and mountd.
>
> then do an rpcinfo -p
# killall -HUP rpc.nfsd
# killall -HUP rpc.mountd
# showmount -e 127.0.0.1
mount clntudp_create: RPC: Program not registered
# rpcinfo -p
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
545580417 1 udp 1000 ugidd
545580417 1 tcp 1002 ugidd
---
Encryption: A powerful algorithmic encoding technique employed in the creation of computer manuals.
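
Added example, not part of the original message: a small Python check that cross-references the `ipchains -nL` and `rpcinfo -p` listings shown in this thread and reports which registered RPC listeners the input chain still accepts. The function names are hypothetical and the embedded listings are constructed from the output quoted above; only any-source rules with a single destination port are evaluated.

```python
import re

# Constructed sample input: the listings quoted in the thread ("myip" is the
# poster's placeholder for the host address).
IPCHAINS_NL = """\
Chain input (policy ACCEPT):
target prot opt source destination ports
DENY tcp ------ 0.0.0.0/0 myip * -> 111
DENY tcp ------ 0.0.0.0/0 myip * -> 515
Chain forward (policy DENY):
target prot opt source destination ports
MASQ all ------ 192.168.0.0/24 0.0.0.0/0 n/a
"""
RPCINFO_P = """\
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
545580417 1 udp 1000 ugidd
545580417 1 tcp 1002 ugidd
"""

def parse_input_chain(text):
    """Return (policy, rules) for the input chain, rules in listing order."""
    policy, rules, chain = None, [], None
    for line in text.splitlines():
        m = re.match(r"Chain (\S+) \(policy (\w+)", line)
        if m:
            chain = m.group(1)
            policy = m.group(2) if chain == "input" else policy
            continue
        f = line.split()
        # Rule line: target prot opt source destination sports -> dports
        if chain == "input" and len(f) == 8 and f[6] == "->":
            rules.append((f[0], f[1], f[3], f[7]))
    return policy, rules

def verdict(policy, rules, proto, port):
    """First matching rule wins; with no match the chain policy applies.
    Assumption: only any-source rules with a single port or '*' are matched."""
    for target, rproto, src, dport in rules:
        if rproto == proto and src == "0.0.0.0/0" and dport in ("*", str(port)):
            return target
    return policy

def exposed_rpc(ipchains_text, rpcinfo_text):
    """RPC listeners from `rpcinfo -p` that the input chain still ACCEPTs."""
    policy, rules = parse_input_chain(ipchains_text)
    rows = [l.split() for l in rpcinfo_text.splitlines()[1:]]
    return [(r[4], r[2], int(r[3])) for r in rows
            if len(r) == 5 and verdict(policy, rules, r[2], int(r[3])) == "ACCEPT"]

if __name__ == "__main__":
    for name, proto, port in exposed_rpc(IPCHAINS_NL, RPCINFO_P):
        print(f"{name} {proto}/{port} is not covered by a DENY rule")
```

On the listings in this thread it flags the UDP portmapper on port 111 and both ugidd ports, since the two DENY rules are for TCP only.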