Re: iptables setup: masq, opening ports, security

To: Vasiliy 'Druid' Misharev <druid@ice.ru>
Cc: debian-russian <debian-russian@lists.debian.org>
Subject: Re: iptables setup: masq, opening ports, security
From: Andrei Sosnin <demonsly@hot.ee>
Date: Wed, 11 Dec 2002 13:39:39 +0200
Message-id: <[🔎] 3DF723FB.1030502@hot.ee>
In-reply-to: <[🔎] 20021211105731.GB1584@mirkwood.office2.investigator.ru>
References: <[🔎] 3DF4CA1B.90101@hot.ee> <[🔎] 20021211103841.GA1584@mirkwood.office2.investigator.ru> <[🔎] 000701c2a103$0eb63070$0d0ba8c0@jar> <[🔎] 20021211105731.GB1584@mirkwood.office2.investigator.ru>


Вот, люди, наслаждайтесь:


Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  192.168.1.0/24       0.0.0.0/0
drop-and-log-it  all  --  192.168.1.0/24       0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            62.65.204.36

ACCEPT all -- 0.0.0.0/0 62.65.204.36 stateRELATED,ESTABLISHEDACCEPT tcp -- 0.0.0.0/0 62.65.204.36 stateNEW,RELATED,ESTABLISHED tcp dpt:80ACCEPT tcp -- 0.0.0.0/0 62.65.204.36 tcpspts:1024:65535 dpt:21ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 stateNEW,RELATED,ESTABLISHED tcp dpt:6346ACCEPT tcp -- 0.0.0.0/0 192.168.1.0/24 stateNEW,RELATED,ESTABLISHED tcp dpt:25

drop-and-log-it  all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy DROP)
target     prot opt source               destination

ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 stateRELATED,ESTABLISHED

ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
drop-and-log-it  all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy DROP)
target     prot opt source               destination

ACCEPT tcp -- 62.65.204.36 0.0.0.0/0 tcpspts:1024:65535 dpt:21 state NEWACCEPT tcp -- 62.65.204.36 0.0.0.0/0 tcp spt:21dpts:1024:65535

ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  62.65.204.36         192.168.1.0/24
ACCEPT     all  --  192.168.1.0/24       192.168.1.0/24
drop-and-log-it  all  --  0.0.0.0/0            192.168.1.0/24
ACCEPT     all  --  62.65.204.36         0.0.0.0/0
drop-and-log-it  all  --  0.0.0.0/0            0.0.0.0/0

Chain drop-and-log-it (5 references)
target     prot opt source               destination

LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0level 7

DROP       all  --  0.0.0.0/0            0.0.0.0/0


Vasiliy 'Druid' Misharev wrote:

не, iptables -L -n



--
Andrei Sosnin
http://zzx.ath.cx

 <!-- : it all depends on your vision : -->

Reply to:

Follow-Ups:
- Re: iptables setup: masq, opening ports, security
  - From: "Vasiliy 'Druid' Misharev" <druid@ice.ru>

References:
- iptables setup: masq, opening ports, security
  - From: Andrei Sosnin <demonsly@hot.ee>
- Re: iptables setup: masq, opening ports, security
  - From: "Vasiliy 'Druid' Misharev" <druid@ice.ru>
- Re: iptables setup: masq, opening ports, security
  - From: "Dmitriy Sirant" <lex@paradise.net.ua>
- Re: iptables setup: masq, opening ports, security
  - From: "Vasiliy 'Druid' Misharev" <druid@ice.ru>

Prev by Date: Re: Помогите разобраться!
Next by Date: Re: iptables setup: masq, opening ports, security
Previous by thread: Re: iptables setup: masq, opening ports, security
Next by thread: Re: iptables setup: masq, opening ports, security
Index(es):
- Date
- Thread