[Dshield] Configuring iptables; need favorite port lists

John Sage jsage at finchhaven.com
Wed Jun 18 10:08:02 GMT 2003


On Tue, Jun 17, 2003 at 05:59:03PM -0700, Kenneth Porter wrote:
> --On Tuesday, June 17, 2003 1:00 PM -0700 John Sage <jsage at finchhaven.com>
> wrote:
> 
> > Unfortunately, iptables seems to be limited to lists of <=15 ports in
> > a statement, so I need a brief list of "most interesting".
> 
> You could use one of the iptables "script builders" (fwbuilder comes to mind)
> to generate an initial script.
> 
> fwbuilder is GUI-based, uses XML for its files, and you can add your own port
> descriptions. You can't import an iptables script, though, so editing the
> output is one-way.

hrm..

Well, my firewall doesn't run X, so I can't be GUI, and I've never
been a fan of script-built firewalls.

This one's hand-crafted via good ol' emacs :-/

As far as the <=15 ports per statement, I'm just adding a second
statement, so I'm up to 30...


- John
-- 
"Obviously, we do not want to leave zombies around."
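
Added example, not part of the original message: a POSIX sh helper that splits a long port list into as many multiport statements as the 15-port limit discussed above requires. The INPUT chain, LOG target and port lists are constructed placeholders, and the rule that a lo:hi range occupies two of the 15 slots is taken from the iptables multiport documentation, not from this thread.

```sh
#!/bin/sh
# Print (do not apply) iptables rules for a long port list, split so that
# no rule exceeds the multiport match's 15-slot limit.
# A range "lo:hi" takes two slots, a single port takes one.
# Chain, protocol, target and port lists are constructed placeholders.

MAX_SLOTS=15

valid_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

emit_rule() {   # emit_rule CHAIN PROTO TARGET PORTLIST
    printf 'iptables -A %s -p %s -m multiport --dports %s -j %s\n' \
        "$1" "$2" "$4" "$3"
}

# usage: multiport_rules CHAIN PROTO TARGET PORT...
multiport_rules() {
    chain=$1 proto=$2 target=$3
    shift 3
    # Validate everything first so a typo yields no partial rule set.
    for p in "$@"; do
        case $p in
            *:*) valid_port "${p%%:*}" && valid_port "${p#*:}" &&
                 [ "${p%%:*}" -le "${p#*:}" ] ;;
            *)   valid_port "$p" ;;
        esac || { echo "bad port spec: $p" >&2; return 1; }
    done
    batch="" used=0
    for p in "$@"; do
        case $p in *:*) cost=2 ;; *) cost=1 ;; esac
        # Start a new rule when this entry would overflow the current one.
        if [ $((used + cost)) -gt "$MAX_SLOTS" ]; then
            emit_rule "$chain" "$proto" "$target" "$batch"
            batch="" used=0
        fi
        batch="${batch:+$batch,}$p"
        used=$((used + cost))
    done
    [ -z "$batch" ] || emit_rule "$chain" "$proto" "$target" "$batch"
}

# Constructed sample: 18 entries, one of them a range (19 slots in total).
multiport_rules INPUT tcp LOG 21 22 23 25 53 80 110 111 135 137:139 \
    143 443 445 1433 1434 3128 3306 8080
```

Because the rules are only printed, the output can be reviewed and pasted into a hand-maintained script.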



