Configuration of the “/etc/rc.d/init.d/firewall” script file for the Gateway Server | All about OS

Configuration of the “/etc/rc.d/init.d/firewall” script file for the Gateway Server

Категория: Securing and Optimizing

ipchains -A input -i $EXTERNAL_INTERFACE -p tcp ! -y \ -s$POP_SERVER110\ -d $IPADDR $UNPRIVPORTS -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \ -s $IPADDR $UNPRIVPORTS \ -d $POP_SERVER 110 -j ACCEPT
#NNTP NEWS client (119)
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp ! -y \ -s $NEWS_SERVER 119 \ -d $IPADDR $UNPRIVPORTS -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \ -s $IPADDR $UNPRIVPORTS \ -d $NEWS_SERVER 119 -j ACCEPT
# FINGER client (79)
# ipchains -A input -i $EXTERNAL_INTERFACE -p tcp ! -y \
# -s $ANYWHERE 79 \
# -d $IPADDR $UNPRIVPORTS -j ACCEPT
# ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \
# -s $IPADDR $UNPRIVPORTS \
# -d $ANYWHERE 79 -j ACCEPT
#SYSLOG client (514)
# ipchains -A output -i $L0CAL_INTERFACE_1 -p udp \
# -s$IPADDR514\
# -d $SYSLOG_SERVER 514 -j ACCEPT
#AUTH server (113)
#
# Reject, rather than deny, the incoming auth port. (NET-3-H0WT0)
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \ -s $ANYWHERE \ -d $IPADDR 113 -j REJECT
# AUTH client (113)
#

Страниц: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

« Build a kernel with Firewall Masquerading and Forwarding support
Deny access to some address »