Problems with Bashcode

**mar_gend** · 10-24-2003

Hi,
I've some questions maybe somebody can help me.
I'am working on a firewall script in bas(os: linux) and i want to know which are the codes for this questions

1i want to filter a various number of ports
2.for this ports there must be given a set of ip's which have unlimited access.
3.i want to filter ssh separately(whit his own set of ip's)
4.the machine should not answer any pings,icmp timestamps and trace routes.[/list]

Many Thanks

Martin (student Information Technology)

**Allblack** · 10-25-2003

Have a look at the man pages for iptables or check tldp.org

**mar_gend** · 10-26-2003

I did read the man pages but i need some specific help for mine questions!

**Dolda2000** · 10-31-2003

Well, one possible solution is a setup such as this:

Code:

iptables -N CHECK2

iptables -A CHECK2 -s $IP1 -j RETURN
...
iptables -A CHECK2 -s $IPn -j RETURN
iptables -A CHECK2 -p tcp -j REJECT --reject-with tcp-reset
iptables -A CHECK2 -j REJECT

iptables -A INPUT -p tcp --dport $PORT1 -j CHECK2
...
iptables -A INPUT -p tcp --dport $PORTn -j CHECK2

iptables -A INPUT -p icmp -j DROP

I would like to beg of you, though, don't drop ICMP messages. I find that nothing is more disturbing than hosts not answering to ICMP messages.

**mar_gend** · 11-01-2003

Many THX and thx for the hint to never drop icmp.

Thread Tools

Display

Problems with Bashcode

Posting Permissions