blocking all trafic exapt selcter ports
netfilter at crazeecanuck.homelinux.net
Sat Apr 23 22:58:33 CEST 2005
Jason Opperisano wrote:
> On Sat, Apr 23, 2005 at 05:23:07AM -0400, Ed wrote:
>>Kashif Ali Bukhari wrote:
>>>i want to block all inbod access to my linux box and want to allow
>>>dns, http proxy,ssh,telnet,and ftp
>>>how can i do this
>>First, please see
> i love that link.
Me too :)
> iptables -A INPUT -p udp --dport 53 -j ACCEPT
Ooops, shouldn't respond when really tired. =P
> multiport doesn't support ranges, mport does (and it uses a ':' not a
Again, tiredness :S (glad you caught that).
>>A classic RTFM/STFW case, nonetheless...
> yes. couldn't resist the nit-pick, though. ;-)
...and for that I am grateful. TY (really!) for the corrections. =) I
shouldn't post when really tired (instead of drinking, that'll be my
/me goes back to primarily lurking...
More information about the netfilter