Re: deny outgoing ports with exception using narc
Masiar,
> Masiar Farahani <ia4598@fh-wedel.de> [2003-09-18 18:16]:
>
> I want to secure my Network from within by allowing only a handful of
> ports going out. But I want to allow all ports for some specific clients.
>
> I'm using the narc software
> (http://www.knowplace.org/netfilter/narc.html). Restricting is no
> problem, but how do I allow all ports for my own client (192.168.0.3)?
>
I don't know narc, but
iptables -I INPUT -d 192.168.0.3 -j ACCEPT
iptables -I FORWARD -d 192.168.0.3 -j ACCEPT
iptables -I FORWARD -s 192.168.0.3 -j ACCEPT
iptables -I OUTPUT -s 192.168.0.3 -j ACCEPT
gets the door wide open to and from your box.
wbr,
Lukas
--
Lukas Ruf | Wanna know anything about raw |
<http://www.lpr.ch> | IP? <http://www.rawip.org> |
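
Added example, not part of the message above and not narc's own configuration: a stateful variant of the same idea that touches only forwarded traffic, exempts 192.168.0.3 from the port restriction, and logs what it drops. The interface name eth1, the port list 80,443 and the chain name EGRESS are assumptions; the function only prints the commands so they can be reviewed first.

```shell
#!/bin/sh
# Prints (does not apply) an egress policy for traffic forwarded from the LAN.
# Only 192.168.0.3 comes from the thread; eth1, 80,443 and EGRESS are assumed.

emit_egress_rules() {
    lan_if=$1; exempt_ip=$2; tcp_ports=$3
    chain=EGRESS    # hypothetical user-defined chain, kept apart from existing rules

    # Refuse anything that is not a plain interface name, address or port list,
    # because the output is meant to be fed to a root shell.
    case $lan_if in *[!A-Za-z0-9_.-]*|'') echo "bad interface" >&2; return 1 ;; esac
    case $exempt_ip in *[!0-9.]*|'') echo "bad address" >&2; return 1 ;; esac
    case $tcp_ports in *[!0-9,]*|'') echo "bad port list" >&2; return 1 ;; esac

    echo "iptables -N $chain"
    # Packets of connections that were already permitted.
    echo "iptables -A $chain -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # The exempt client may open connections to any port and protocol.
    echo "iptables -A $chain -s $exempt_ip -j ACCEPT"
    # Everyone else: new TCP connections to the listed ports only.
    echo "iptables -A $chain -p tcp -m multiport --dports $tcp_ports -m conntrack --ctstate NEW -j ACCEPT"
    # Record and drop the rest so blocked attempts show up in the kernel log.
    echo "iptables -A $chain -j LOG --log-prefix 'egress-drop: '"
    echo "iptables -A $chain -j DROP"
    # Hook the chain for traffic arriving from the LAN side.
    echo "iptables -I FORWARD -i $lan_if -j $chain"
    # Replies towards the LAN are accepted only for tracked connections,
    # so no blanket "-d 192.168.0.3 -j ACCEPT" is needed.
    echo "iptables -I FORWARD -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Constructed sample invocation.
emit_egress_rules eth1 192.168.0.3 80,443
```

INPUT and OUTPUT are left alone here because they govern traffic to and from the firewall host itself, not traffic it routes for 192.168.0.3.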