  1. #1
    Just Joined!
    Join Date
    Nov 2004
    Posts
    4

    Firewall


    Hi all,

    I would like to set up a firewall to do the following; if someone can help I will be grateful:

    I want to block all except certain IPs that use a certain port.

    Thanks in advance.

  2. #2
    Linux Guru sarumont
    Join Date
    Apr 2003
    Location
    /dev/urandom
    Posts
    3,682
    "Time is an illusion. Lunchtime, doubly so."
    ~Douglas Adams, The Hitchhiker's Guide to the Galaxy

  3. #3
    Just Joined!
    Join Date
    Dec 2004
    Posts
    1
    I hope this helps... this is a quick script that I put together for you. Remember, it is based on DENY ALL and then accept what you want...

    Oh, this is just a template for you to write your own firewall with, btw...

    #-----Linux Firewall script---------------------------------
    #- Template for a packet filter.
    #-----------------------------------------------------------

    IPT=/sbin/iptables
    # Placeholder: set this to the remote IP you want to allow.
    REMOTE_IP="<insert remote ip here>"

    #-----Clear old rules
    echo Clearing any pre-existing IPTABLES.
    $IPT -F INPUT
    $IPT -F OUTPUT
    $IPT -F FORWARD

    #-----Default policy: drop everything that is not explicitly allowed
    $IPT -P INPUT DROP
    $IPT -P OUTPUT DROP
    $IPT -P FORWARD DROP

    #----Start adding allow rules here....
    # Without connection tracking... Basically this gives full trust to traffic from remote port 80 connection via tcp.

    $IPT -A INPUT -s "$REMOTE_IP" -p tcp --source-port 80 -j ACCEPT
    $IPT -A OUTPUT -d "$REMOTE_IP" -p tcp --destination-port 80 -j ACCEPT

    # Or .. With connection tracking.... Basically the same thing as above, however, this will deny incoming connection requests, and only allow the connection if you start it first.

    $IPT -A INPUT -s "$REMOTE_IP" -p tcp --source-port 80 -m state --state ESTABLISHED -j ACCEPT
    $IPT -A OUTPUT -d "$REMOTE_IP" -p tcp --destination-port 80 -m state --state NEW,ESTABLISHED -j ACCEPT


    Hope this helps... tried to keep it simple. You can do this with all IPs, protocols and ports... just mix and match if you need a really specific packet filter. (btw, ignore the typos if there are any...)
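
The inbound case from the original question (only certain IPs may reach a certain local port), as an added example that is not part of any post in this thread. It goes beyond the template above by validating its arguments and emitting `iptables-restore` format; the helper names `gen_rules` and `valid_ipv4`, the sample port and the documentation addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). gen_rules and valid_ipv4 are
# hypothetical helper names. Prints an iptables-restore ruleset: drop all,
# then accept NEW TCP connections to PORT only from the listed IPv4 hosts.

valid_ipv4() {
    # Dotted quad only, every octet 0-255.
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

gen_rules() {
    [ "$#" -ge 2 ] || { echo "usage: gen_rules PORT IP..." >&2; return 1; }
    port=$1; shift
    # Validate everything first so a bad argument never yields a partial ruleset.
    case "$port" in
        ''|0*|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    for ip in "$@"; do
        valid_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT DROP [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A OUTPUT -o lo -j ACCEPT"
    # Replies on connections that were already accepted, both directions.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT"
    echo "-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT"
    for ip in "$@"; do
        echo "-A INPUT -s $ip -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Constructed sample input: documentation addresses (RFC 5737), port 22.
gen_rules 22 192.0.2.10 198.51.100.7
```

Piping the output to `iptables-restore` as root loads the whole ruleset in one step, and `iptables-restore --test` parses it without committing. Because OUTPUT is also DROP, the host cannot open new outbound connections until matching OUTPUT rules are added.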

  4. #4
    Linux Engineer
    Join Date
    May 2003
    Location
    Greece / Athens
    Posts
    1,169
    Good job KraZyMan! You can also use man iptables to configure security manually...
    Linux For Ever!

  5. #5
    Just Joined!
    Join Date
    Jan 2005
    Posts
    2

    Firewall

    If you are looking for an easy setup, yet full Linux install...

    Try out Mandrake's Multi Network Firewall (MNF).

    They have just released the new version based on Mandrake 10.1.


    Nice easy install... under 400 MB..

    Full control over your firewall goodness is provided via a nice web interface.

    I'm actually in love with this product, I've been using it for over 2 years now.

