
Re: deny outgoing ports with exception using narc



Masiar,

> Masiar Farahani <ia4598@fh-wedel.de> [2003-09-18 18:16]:
>
> I want to secure my Network from within by allowing only a handful of
> ports going out. But I want to allow all ports for some specific clients.
> 
> I'm using the narc software
> (http://www.knowplace.org/netfilter/narc.html). Restricting is no
> problem, but how do I allow all ports for my own client (192.168.0.3)?
> 

I don't know narc, but

iptables -I INPUT   -d 192.168.0.3 -j ACCEPT
iptables -I FORWARD -d 192.168.0.3 -j ACCEPT
iptables -I FORWARD -s 192.168.0.3 -j ACCEPT
iptables -I OUTPUT  -s 192.168.0.3 -j ACCEPT

gets the door wide open to and from your box.

wbr,
Lukas
-- 
Lukas Ruf           | Wanna know anything about raw |
<http://www.lpr.ch> | IP?  <http://www.rawip.org>   |
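
Added example (not part of the message above and not narc's own configuration): a stand-alone FORWARD-chain policy for a routing firewall that limits the exception to connections 192.168.0.3 itself opens, with replies admitted by connection state. The LAN range 192.168.0.0/24 and the allowed ports 53, 80 and 443 are assumptions; the thread names neither.

```shell
#!/bin/sh
# Added example: egress filtering with a per-client exception.
# Dry run by default (commands are printed); run as root with IPT=iptables to apply.
IPT="${IPT:-echo iptables}"

LAN_NET="192.168.0.0/24"       # assumption: LAN behind the firewall
TRUSTED_CLIENT="192.168.0.3"   # the client named in the thread
ALLOWED_TCP="80 443"           # assumption: the "handful" of allowed ports
ALLOWED_UDP="53"               # assumption: DNS

build_egress_policy() {
    # Start from an empty FORWARD chain that drops by default.
    # This replaces any FORWARD rules another tool has loaded.
    $IPT -F FORWARD
    $IPT -P FORWARD DROP

    # Replies to connections admitted by the rules below.
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Exception: the trusted client may open connections to any port.
    # There is no matching "-d" rule, so hosts outside cannot open new
    # connections to it; only reply traffic reaches it.
    $IPT -A FORWARD -s "$TRUSTED_CLIENT" -m conntrack --ctstate NEW -j ACCEPT

    # Everyone else on the LAN: only the listed destination ports.
    for p in $ALLOWED_TCP; do
        $IPT -A FORWARD -s "$LAN_NET" -p tcp --dport "$p" \
             -m conntrack --ctstate NEW -j ACCEPT
    done
    for p in $ALLOWED_UDP; do
        $IPT -A FORWARD -s "$LAN_NET" -p udp --dport "$p" \
             -m conntrack --ctstate NEW -j ACCEPT
    done

    # Log what the default policy is about to drop, for later review.
    $IPT -A FORWARD -s "$LAN_NET" -j LOG --log-prefix "egress-denied: "
}

build_egress_policy
```

Rule order matters here: the client exception sits above the per-port rules, and the LOG rule comes last so only traffic that falls through to the DROP policy is recorded.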
