Alexandr Shurigin wrote:
Hello guys, I have trouble. I read and read, and I think it is better that I ask professionals :)

I have a server which must have only ports 80 and 22 shared. All other ports I want to close with iptables.

Which rules must I use?

Thanks. Have a good day :)

--
Best regards,
Alexandr Shurigin
icq 254106594
email: ya@phpdude.ru
phone: +7 902 265 81 66
Hello:

One possibility ...

# Default policy: drop anything no rule accepts
iptables -P INPUT DROP
# Log packets to port 22 (this rule comes before the ACCEPT, so every SSH packet is logged)
iptables -t filter -A INPUT -p tcp -m tcp --dport 22 -j LOG --log-prefix 'TRY UNKNOW SSH ACCESS ' --log-level 4
# HTTP from any source
iptables -t filter -A INPUT -s 0/0 -d "your.local.ip" -p tcp --sport 1024:65535 --dport 80 -j ACCEPT
# SSH only from the client address
iptables -t filter -A INPUT -s "your.ip.client." -d "your.local.ip" -p tcp --sport 1024:65535 --dport 22 -j ACCEPT
# Explicit final drop
iptables -A INPUT -j DROP

Make sure that the following modules are loaded (at a minimum):

/sbin/modprobe ip_tables
/sbin/modprobe iptable_filter
/sbin/modprobe ipt_LOG

These rules work well on a 2.6.18 kernel.

I hope that my help is useful to him. (Huh?)

PS: I'm not a professional.
PS2: Sorry for my English.

Bye.
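
A way to check the result once rules like these are loaded, as an added example that is not part of the original messages: the function below reads `iptables -S INPUT` style output and confirms that the policy is DROP and that ACCEPT rules exist only for the allowed ports. The names `audit_input`, `sample_reply_rules` and `sample_extra_port` are hypothetical, and the rule listings and addresses are constructed samples.

```shell
#!/bin/sh
# Added example: audit `iptables -S INPUT` output against a port allow-list.

# Reads rules on stdin; $1 is the space-separated list of allowed TCP ports.
# Prints one line per finding, or "OK"; returns non-zero if anything was found.
audit_input() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A" && $2 == "INPUT" {
            target = ""; dport = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-j" && target == "") target = $(i + 1)
                if ($i == "--dport") dport = $(i + 1)
            }
            if (target != "ACCEPT") next          # LOG and DROP rules open nothing
            if (dport == "") { print "REVIEW accept-without-dport: " $0; bad = 1 }
            else if (!(dport in ok)) { print "FAIL unexpected-port " dport; bad = 1 }
            else seen[dport] = 1
        }
        END {
            if (policy != "DROP") { print "FAIL policy-not-drop"; bad = 1 }
            for (p in ok) if (!(p in seen)) { print "FAIL no-accept-for " p; bad = 1 }
            if (!bad) print "OK"
            exit bad + 0
        }'
}

# Constructed sample: the rule set from the reply in `iptables -S INPUT` form
# (192.0.2.10 and 198.51.100.7 are documentation addresses).
sample_reply_rules() {
    cat <<'EOF'
-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 22 -j LOG --log-prefix "TRY UNKNOW SSH ACCESS " --log-level 4
-A INPUT -d 192.0.2.10/32 -p tcp -m tcp --sport 1024:65535 --dport 80 -j ACCEPT
-A INPUT -s 198.51.100.7/32 -d 192.0.2.10/32 -p tcp -m tcp --sport 1024:65535 --dport 22 -j ACCEPT
-A INPUT -j DROP
EOF
}

# Constructed sample: the same rules plus a stray ACCEPT for another port.
sample_extra_port() {
    sample_reply_rules
    echo '-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT'
}

sample_reply_rules | audit_input "22 80"
sample_extra_port | audit_input "22 80" || echo "rule set opens more than 22 and 80"
```

On a live host the input would come from `iptables -S INPUT | audit_input "22 80"`, run as root. Rules that use `--dports` (multiport) or accept without a port match are reported for manual review rather than interpreted.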