[Dshield] IP Chains.

Will Boege will_boege at i-tech.com
Wed Oct 17 19:42:12 GMT 2001


I was under the impression that you couldn't do this with IPCHAINS.  I
know you can do it easily with IPTABLES with the line:

iptables -A INPUT -i eth0 -p tcp --syn -j DROP

Somebody jump in if I'm wrong.

-----Original Message-----
From: dshield-admin at dshield.org [mailto:dshield-admin at dshield.org] On
Behalf Of Donnie C. Moss
Sent: Wednesday, October 17, 2001 10:10 AM
To: dshield at dshield.org
Subject: [Dshield] IP Chains.


All,

Does anyone know how to set up an ipchains rule that will allow only
established connections through?  My goal is to close all ports not used
(even those greater than 1024) but still allow traffic through them as a
response to a legitimate request.

Donnie


/------------------------\
| Donnie Moss, CCNA, MCP |
| Network Administrator  |
| dcm at ugnet.org          |
| http://www.ugnet.org   |
\------------------------/
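
Added example, not part of either message in this thread: a toy Python model (not netfilter code) that compares the quoted `--syn` drop rule with the "established connections only" policy the original question asks for. The packet fields, addresses and function names are constructed for illustration, and the stateful model is a simplification of real connection tracking.

```python
# Toy model (added example, not netfilter code). All packets are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str                  # "in" or "out", relative to the protected host
    proto: str                      # "tcp" or "udp"
    local: tuple                    # (ip, port) on the protected host
    remote: tuple                   # (ip, port) of the peer
    flags: frozenset = frozenset()  # TCP flags; empty for UDP

def matches_syn(pkt):
    """iptables --syn: TCP with SYN set and ACK, RST, FIN all clear."""
    return pkt.proto == "tcp" and (pkt.flags & {"SYN", "ACK", "RST", "FIN"}) == {"SYN"}

def stateless_syn_drop(packets):
    """Models the single rule `-p tcp --syn -j DROP` on INPUT, policy ACCEPT."""
    return ["DROP" if p.direction == "in" and matches_syn(p) else "ACCEPT"
            for p in packets]

def stateful_established_only(packets):
    """Models default-drop INPUT that accepts only replies to flows the host opened
    (roughly what `-m state --state ESTABLISHED -j ACCEPT` gives; simplified)."""
    flows, verdicts = set(), []
    for p in packets:
        key = (p.proto, p.local, p.remote)
        if p.direction == "out":
            flows.add(key)          # remember the flow the host initiated
            verdicts.append("ACCEPT")
        else:
            verdicts.append("ACCEPT" if key in flows else "DROP")
    return verdicts

HOST, PEER = "192.0.2.10", "198.51.100.7"   # documentation addresses
SAMPLE = [
    Packet("out", "tcp", (HOST, 40000), (PEER, 80), frozenset({"SYN"})),
    Packet("in",  "tcp", (HOST, 40000), (PEER, 80), frozenset({"SYN", "ACK"})),
    Packet("in",  "tcp", (HOST, 22), (PEER, 50000), frozenset({"SYN"})),
    Packet("in",  "tcp", (HOST, 22), (PEER, 50001), frozenset({"ACK"})),
    Packet("out", "udp", (HOST, 40001), (PEER, 53)),
    Packet("in",  "udp", (HOST, 40001), (PEER, 53)),
    Packet("in",  "udp", (HOST, 161), (PEER, 50002)),
]

if __name__ == "__main__":
    for p, a, b in zip(SAMPLE, stateless_syn_drop(SAMPLE), stateful_established_only(SAMPLE)):
        print(f"{p.direction:3} {p.proto} {sorted(p.flags)!s:14} syn-drop={a:6} stateful={b}")
```

Both models drop the inbound SYN and accept replies to outbound traffic; they differ on the inbound TCP segment without SYN and on the unsolicited UDP datagram, which only the stateful model drops.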



