Re: [SLUG] firewall hole for ssh

From: Matt Miller (mmiller1@mptotalcare.com)
Date: Thu Aug 22 2002 - 09:21:02 EDT


On Wed, 2002-08-21 at 23:10, Larry Sanders wrote:
> Following this is the iptables rules that I have been using.
> Notice the wonderful credit given to Derek for his help.
> I like the fact that any traffic from the outside is dropped.
> I have a need to allow ssh traffic in for file transfer.
> Joe suggested that I use port 222 and RSA keys for
> authentication to login.
> What additions to this file will be needed to allow this
> traffic on port 222.
> Thanks in Advance
> Larry :-)

/sbin/iptables -A INPUT -i eth0 -s 0/0 -d 192.168.49.0/24 -p tcp \
--dport 222 -j ACCEPT
# Accept connections from the outside world to the internal network on port 222
/sbin/iptables -A INPUT -i eth0 -s 0/0 -d 192.168.49.0/24 -j LOG \
--log-prefix="EXT-INT DROP: "
/sbin/iptables -A INPUT -i eth0 -s 0/0 -d 192.168.49.0/24 -j DROP
# Log and drop packets for any other destination port not specified above
 

-- 
Matt Miller
Systems Administrator
MP TotalCare
gpg public key id: 08BC7B06
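
The rules in the reply above depend on order: iptables stops at the first terminating match, so the ACCEPT for port 222 has to sit ahead of the DROP. The following is an added example, not part of the original message, that checks this order in an `iptables -S` style listing; the function names and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# check_order CHAIN PORT   (rule listing in `iptables -S` format on stdin)
#   exit 0: ACCEPT for tcp --dport PORT precedes the first port-less DROP
#   exit 1: a port-less DROP comes first, so the ACCEPT is never reached
#   exit 2: the chain has no ACCEPT for that port
# Simplification (assumption): any DROP without --dport is treated as a
# catch-all; its -i/-s/-d matches are not compared with the ACCEPT rule.
check_order() {
    awk -v chain="$1" -v port="$2" '
        $1 == "-A" && $2 == chain {
            n++
            target = ""; dport = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-j" && target == "") target = $(i + 1)
                if ($i == "--dport")            dport  = $(i + 1)
            }
            if (target == "ACCEPT" && dport == port && !acc) acc = n
            if (target == "DROP" && dport == "" && !drop)    drop = n
        }
        END {
            if (!acc) exit 2
            if (drop && drop < acc) exit 1
            exit 0
        }'
}

# Constructed listing: the three rules in the order given in the reply.
good_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -d 192.168.49.0/24 -i eth0 -p tcp -m tcp --dport 222 -j ACCEPT
-A INPUT -d 192.168.49.0/24 -i eth0 -j LOG --log-prefix "EXT-INT DROP: "
-A INPUT -d 192.168.49.0/24 -i eth0 -j DROP
EOF
}

# Constructed listing: same rules, but the ACCEPT was appended after the DROP.
shadowed_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -d 192.168.49.0/24 -i eth0 -j LOG --log-prefix "EXT-INT DROP: "
-A INPUT -d 192.168.49.0/24 -i eth0 -j DROP
-A INPUT -d 192.168.49.0/24 -i eth0 -p tcp -m tcp --dport 222 -j ACCEPT
EOF
}

good_rules     | check_order INPUT 222 && echo "port 222: ACCEPT is reached"
shadowed_rules | check_order INPUT 222 || echo "port 222: shadowed by earlier DROP"
```

On a live host the listing would come from `iptables -S INPUT` piped into `check_order INPUT 222`.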



