Problems with Bashcode
I have some questions; maybe somebody can help me.
I am working on a firewall script in bash (OS: Linux) and I want to know which are the codes for these questions:
1. I want to filter a varying number of ports.
2. For these ports there must be given a set of IPs which have unlimited access.
3. I want to filter SSH separately (with its own set of IPs).
4. The machine should not answer any pings, ICMP timestamps and traceroutes.
Martin (student Information Technology)
Have a look at the man pages for iptables or check tldp.org
I did read the man pages but I need some specific help for my questions!
Well, one possible solution is a setup such as this:
I would like to beg of you, though, don't drop ICMP messages. I find that nothing is more disturbing than hosts not answering to ICMP messages.
iptables -N CHECK2
iptables -A CHECK2 -s $IP1 -j RETURN
iptables -A CHECK2 -s $IPn -j RETURN
iptables -A CHECK2 -p tcp -j REJECT --reject-with tcp-reset
iptables -A CHECK2 -j REJECT
iptables -A INPUT -p tcp --dport $PORT1 -j CHECK2
iptables -A INPUT -p tcp --dport $PORTn -j CHECK2
iptables -A INPUT -p icmp -j DROP
Many THX and thx for the hint to never drop ICMP.
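An added example, not part of any post in this thread: a dry-run script that applies the CHECK2 pattern from the answer above to all four points of the question, printing the iptables commands for review instead of running them. The chain names CHECK_SSH and CHECK_SVC, SSH on port 22, and every address and port are assumptions or constructed sample values.

```shell
#!/bin/sh
# Dry-run generator: prints iptables commands instead of executing them,
# so the rule set can be reviewed before it is applied as root.
# All addresses and ports below are constructed sample values.
SSH_IPS="192.0.2.10 192.0.2.11"          # hosts allowed to reach SSH
SVC_IPS="198.51.100.0/24 203.0.113.7"    # hosts allowed to reach SVC_PORTS
SVC_PORTS="80 443 3306"                  # filtered service ports

# allow_chain NAME IP...: listed sources RETURN to INPUT, everyone else
# is rejected (TCP reset for TCP, default ICMP error for the rest).
allow_chain() {
    chain=$1; shift
    echo "iptables -N $chain"
    for ip in "$@"; do
        echo "iptables -A $chain -s $ip -j RETURN"
    done
    echo "iptables -A $chain -p tcp -j REJECT --reject-with tcp-reset"
    echo "iptables -A $chain -j REJECT"
}

emit_rules() {
    # The lists are left unquoted on purpose: one argument per address.
    allow_chain CHECK_SSH $SSH_IPS
    allow_chain CHECK_SVC $SVC_IPS
    # SSH gets its own chain and allowlist (port 22 is an assumption).
    echo "iptables -A INPUT -p tcp --dport 22 -j CHECK_SSH"
    for port in $SVC_PORTS; do
        echo "iptables -A INPUT -p tcp --dport $port -j CHECK_SVC"
    done
    # Drop only the ICMP requests named in the question; other ICMP,
    # such as fragmentation-needed, is not touched by these rules.
    echo "iptables -A INPUT -p icmp --icmp-type echo-request -j DROP"
    echo "iptables -A INPUT -p icmp --icmp-type timestamp-request -j DROP"
    # Default UDP probe range of traceroute; dropping it suppresses the
    # port-unreachable reply that would mark this host as the final hop.
    echo "iptables -A INPUT -p udp --dport 33434:33534 -j DROP"
}

emit_rules
```

As in the answer's chain, an allowed source only RETURNs to INPUT, so whether it is finally accepted depends on the later INPUT rules and the chain policy.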