Re: Can I block _only_ privileged access with ipchains?
dmartin@clifton-labs.com (Dale E. Martin) writes:
> I want my firewall to allow access from unprivileged ports to unprivileged
> ports. So, if I connect to an ftp site on a port above 1023 and my client
> is using a port above 1023, the packets are allowed to cross.
>
> Possible? I can find anything about it in the docs. Any other comments?
If you're using Linux 2.2, I've put up a document at
http://home.clear.net.nz/pages/c.evans/doc/homefirewall.html
that describes the setup I've got to allow this sort of thing.
Consider this the pre-release announcement; I've still got a bit of
clean-up work to do on it, but it's basically finished.
If you're running Linux 2.0, check the ipfwadm(8) man page; my docs
might still be of use.
--
Carey Evans http://home.clear.net.nz/pages/c.evans/
"The risk of U.S. national security resting in the hands of adults who play
with children's toys during office hours is left as an exercise to the reader."
- Bruce Martin in RISKS
Reply to: