
Re: Can I block _only_ privileged access with ipchains?

dmartin@clifton-labs.com (Dale E. Martin) writes:

> I want my firewall to allow access from unprivileged ports to unprivileged
> ports.  So, if I connect to an ftp site on a port above 1023 and my client
> is using a port above 1023, the packets are allowed to cross.
> Possible?  I can find anything about it in the docs.  Any other comments?

If you're using Linux 2.2, I've put up a document at


that describes the setup I've got to allow this sort of thing.
Consider this the pre-release announcement; I've still got a bit of
clean-up work to do on it, but it's basically finished.

If you're running Linux 2.0, check the ipfwadm(8) man page; my docs
might still be of use.

	 Carey Evans  http://home.clear.net.nz/pages/c.evans/
"The risk of U.S. national security resting in the hands of adults who play
with children's toys during office hours is left as an exercise to the reader."
                                                       - Bruce Martin in RISKS
