Re: deny outgoing ports with exception using narc
> Masiar Farahani <email@example.com> [2003-09-18 18:16]:
> I want to secure my Network from within by allowing only a handful of
> ports going out. But I want to allow all ports for some specific clients.
> I'm using the narc software
> (http://www.knowplace.org/netfilter/narc.html). Restricting is no
> problem, but how do I allow all ports for my own client (192.168.0.3)?

I don't know narc, but

    iptables -I INPUT -d 192.168.0.3 -j ACCEPT
    iptables -I FORWARD -d 192.168.0.3 -j ACCEPT
    iptables -I FORWARD -s 192.168.0.3 -j ACCEPT
    iptables -I OUTPUT -s 192.168.0.3 -j ACCEPT

gets the door wide open to and from your box.

Lukas Ruf | Wanna know anything about raw |
<http://www.lpr.ch> | IP? <http://www.rawip.org> |
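
A narrower take on the question in this thread, as an added example that is not part of the original message and is not narc's own configuration: it prints (does not apply) FORWARD-chain rules that limit LAN clients to a port list while exempting 192.168.0.3 only for connections it initiates. The interface name eth1, the sample ports and an otherwise empty FORWARD chain on the gateway are assumptions.

```shell
#!/bin/sh
# Added example: prints iptables rules for review; it does not apply them.
# Assumed (not from the thread): LAN interface eth1, sample port list,
# and an otherwise empty FORWARD chain on the gateway.

valid_ip() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

valid_spec() {   # proto/port, e.g. tcp/443
    proto=${1%/*}; port=${1#*/}
    case $proto in tcp|udp) ;; *) return 1 ;; esac
    case $port in ''|*[!0-9]*) return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ]
}

# gen_rules LAN_IF EXEMPT_IP PROTO/PORT...
gen_rules() {
    lan_if=$1; exempt=$2; shift 2
    # Validate everything first so a bad argument never yields a partial ruleset.
    valid_ip "$exempt" || { echo "bad address: $exempt" >&2; return 1; }
    for spec in "$@"; do
        valid_spec "$spec" || { echo "bad port spec: $spec" >&2; return 1; }
    done
    # Replies to connections that were allowed out.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Exempt client: any destination port, but only connections it initiates.
    echo "iptables -A FORWARD -i $lan_if -s $exempt -m state --state NEW -j ACCEPT"
    # Everyone else on the LAN: only the listed ports.
    for spec in "$@"; do
        echo "iptables -A FORWARD -i $lan_if -p ${spec%/*} --dport ${spec#*/} -m state --state NEW -j ACCEPT"
    done
    # Log, then drop, whatever is left coming from the LAN side.
    echo "iptables -A FORWARD -i $lan_if -j LOG --log-prefix \"fwd-denied: \""
    echo "iptables -A FORWARD -i $lan_if -j DROP"
}

# Constructed sample invocation: web and DNS for the LAN, everything for .3
gen_rules eth1 192.168.0.3 tcp/80 tcp/443 udp/53
```

Rule order carries the policy here: the exemption must precede the per-port rules and the final DROP, so review the printed list before piping it to a shell as root.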