
UDP firewalling

I've had to close some udp ports on my firewall box that were being wrongly 
exported. I did it with the following rules:

Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     udp  ------  localnet/24          anywhere             any ->  any
ACCEPT     udp  ------  localhost            anywhere              any ->  any
REJECT     udp  ------  anywhere             anywhere             any->1:1024
REJECT     udp  ------  anywhere             anywhere             any -> icpv2

This blocks ports 1 - 1024 and 3130 except for the localnet.

Is this the right way to do it? 

The services are the udp portions of samba, dhcp and squid (icpv2).
I thought they were binding only to the internal interface, but they weren't.
How can I stop this? Samba is running from rlinetd and both dhcp and squid
are standalone servers.
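
Added example (not part of the original post): a first-match evaluation of the input chain listed above, showing which UDP packets the four rules reject and which fall through to the ACCEPT policy. The localnet range, the localhost address and the probe addresses are constructed assumptions; 67, 137 and 138 are the standard DHCP and NetBIOS UDP ports, and 3130 is the ICP port named in the post.

```python
import ipaddress

# Assumption (constructed): "localnet/24" resolves to 192.168.1.0/24 on this box.
LOCALNET = ipaddress.ip_network("192.168.1.0/24")
# Assumption: "localhost" resolves to 127.0.0.1.
LOCALHOST = ipaddress.ip_network("127.0.0.1/32")
ANY = ipaddress.ip_network("0.0.0.0/0")
ALL_PORTS = (0, 65535)

# (target, source network, destination port range), in the order listed in the post.
INPUT_CHAIN = [
    ("ACCEPT", LOCALNET, ALL_PORTS),
    ("ACCEPT", LOCALHOST, ALL_PORTS),
    ("REJECT", ANY, (1, 1024)),
    ("REJECT", ANY, (3130, 3130)),  # icpv2
]
POLICY = "ACCEPT"  # "Chain input (policy ACCEPT)"


def verdict(src, dport, chain=INPUT_CHAIN, policy=POLICY):
    """Return the target of the first rule matching a UDP packet, else the policy."""
    addr = ipaddress.ip_address(src)
    for target, net, (lo, hi) in chain:
        if addr in net and lo <= dport <= hi:
            return target
    return policy


def exposed_ports(src, ports):
    """Ports from `ports` that a UDP packet from `src` is still accepted on."""
    return [p for p in ports if verdict(src, p) == "ACCEPT"]


if __name__ == "__main__":
    # Constructed probes: an outside address (TEST-NET-3) and a LAN host.
    services = {"dhcp": 67, "netbios-ns": 137, "netbios-dgm": 138, "icpv2": 3130}
    for name, port in services.items():
        print(f"{name:12} {port:5}  outside={verdict('203.0.113.9', port)}"
              f"  lan={verdict('192.168.1.20', port)}")
    # With policy ACCEPT, UDP ports above 1024 other than 3130 are not covered.
    print("outside still accepted on:",
          exposed_ports("203.0.113.9", [53, 1024, 1025, 3130, 3131]))
```

Because the chain policy is ACCEPT, the evaluation also shows that any other UDP listener above port 1024 is not covered by these rules.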


