Re: high ports filtered?
On Thu, Nov 08, 2001 at 05:11:21PM +0100, Igor Mozetic wrote:
> Nate Campi writes:
> > One option is to use stateful filtering so that connections that
> > originate from those source ports are allowed. If your firewall is
> > debian you can do this by using a 2.4 kernel and iptables.
> No, this isn't an option, since the firewall is on the router
> and is not so sofisticated.
> So, what do people do in general, if they apply the policy
> that by default all ports are closed (as is often recommended)?
You can do the stateful filtering on the host instead. Allow established
connections, but block anything else to those ports. This should work
Nate Campi http://www.campin.net GnuPG key: 0xC17AEF79
Key fingerprint = BF12 722F 8799 E614 33CC FAB7 5A90 C464 C17A EF79
A mathematician is an engine for converting coffee into theorems.