Orlando,
        I suggest you check out www.securityfocus.com. Their mailing list
on Linux has just had a long discussion on iptables use. It's pretty
comprehensive.
Angus

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Orlando Reis
Sent: Thursday, 27 September 2001 1:18 PM
To: Mandrake Expert Help
Subject: [expert] Help needed


I'm using iptables and tried a lot of different things
but I can't seem to block a particular port.

I don't understand one thing: my fw by default is blocking everything,
how can progs like icq and others still pass through? Is it because they
only pass the network inside through NAT, and they can't reach the firewall
itself?

Please someone give some light on this. I'm a student and we have very
cheap network material; the network is always in congestion. It's a
student housing and we had to buy all the material by ourselves, and we
have to make the most of it.
Network material is:
Firewall - pentium 120MHz  64Mgs Ram
1 Switch 10/100 Mb  8 ports
3 Hubs 10Mb  32 Ports

I don't think blocking ports is the answer, but I don't have any other
solution to the problem I have.

There are 80 people connected to this network, and a lot of them are using
progs like kazaa (and others). I had to change the ip_conntrack_max
number from 4096 and multiply it by 4, or else the network completely
crashes. I also unload and load all iptables modules every hour.
I found a link that had information on it:
http://www.oofle.com/FileSharing/index.htm
But even though I applied the rules that were explained there, with
iptraf I still see users using that type of programs.

I'm using one of the scripts done by Oskar Andreasson,
"Initial SIMPLE IP Firewall test script for 2.4.x"; I've made changes to
adapt it to my case.

Can someone help me ? Please?

Thx in advance for your time.

These were the chains I tried, thanks in advance.

$IPTABLES -A FORWARD -i eth0 -p TCP --sport 1024: --dport 1024 -j DROP
$IPTABLES -A FORWARD -i eth0 -p TCP --dport 1024: --sport 1024 -j DROP

$IPTABLES -A FORWARD -i eth0 -p TCP --sport 1024 -j DROP
$IPTABLES -A FORWARD -i eth0 -p TCP --dport 1024 -j DROP

$IPTABLES -A FORWARD -p TCP --dport 1214 -j DROP
$IPTABLES -A FORWARD -p TCP --sport 1214 -j DROP

$IPTABLES -A FORWARD -p TCP --dport 1214 -j REJECT
$IPTABLES -A FORWARD -p TCP --sport 1214 -j REJECT

$IPTABLES -A FORWARD -i eth0 -p TCP --sport 1024 -j REJECT
$IPTABLES -A FORWARD -i eth0 -p TCP --dport 1024 -j REJECT

$IPTABLES -t nat -A PREROUTING -d 0/0 -p tcp --sport 1214 -j DROP
$IPTABLES -t nat -A PREROUTING -d 0/0 -p tcp --dport 1214 -j DROP
$IPTABLES -t nat -A PREROUTING -s 0/0 -p tcp --dport 1214 -j DROP
$IPTABLES -t nat -A PREROUTING -s 0/0 -p tcp --sport 1214 -j DROP

None of these works.

P.S. Sorry about the bad English
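As an added example (not code from the original thread, and not Oskar Andreasson's script), here is a small shell script that blocks the Kazaa/FastTrack default port 1214/tcp for hosts behind an iptables NAT gateway. It rests on two points. First, traffic that is NATed for the LAN traverses the FORWARD chain, not INPUT, so a restrictive INPUT policy says nothing about what the LAN machines can reach. Second, iptables stops at the first matching rule, so a DROP appended with -A behind a blanket ACCEPT for the LAN interface (which is an assumption about how the adapted script looks) is never evaluated; the script therefore inserts its jump at the head of FORWARD with -I. The interface names eth0/eth1, the LAN prefix 192.168.0.0/24 and the chain name p2p_block are assumptions to be adjusted.

```shell
#!/bin/sh
# Added example, not from the original thread or the Andreasson script.
# Blocks the FastTrack/Kazaa default port (1214/tcp) on an iptables NAT
# gateway. Interface names, the LAN prefix and the chain name are assumptions.
#
# Usage:  sh block_p2p.sh show     # print the rules, no root needed
#         sh block_p2p.sh apply    # load them (as root)
#         sh block_p2p.sh remove   # take them out again

IPTABLES=${IPTABLES:-/sbin/iptables}
INET_IFACE=${INET_IFACE:-eth0}          # assumption: Internet side
LAN_IFACE=${LAN_IFACE:-eth1}            # assumption: student LAN side
LAN_NET=${LAN_NET:-192.168.0.0/24}      # assumption: private LAN prefix
BLOCKED_TCP_PORTS=${BLOCKED_TCP_PORTS:-1214}
CHAIN=p2p_block

# Run iptables, or only print the command line when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$IPTABLES $*"
    else
        "$IPTABLES" "$@"
    fi
}

block_p2p() {
    # A dedicated chain is easy to audit (iptables -L p2p_block -nv shows
    # per-rule packet counters) and easy to flush.
    run -N "$CHAIN"
    run -F "$CHAIN"
    # Insert the jump at position 1 of FORWARD. Anything appended with -A
    # behind an earlier "-i $LAN_IFACE -j ACCEPT" or the usual
    # "--state ESTABLISHED,RELATED -j ACCEPT" rule is never reached.
    run -I FORWARD 1 -j "$CHAIN"
    for port in $BLOCKED_TCP_PORTS; do
        # Outbound: LAN host -> remote peer. A TCP reset makes the client
        # fail at once instead of retransmitting SYNs on a congested link.
        run -A "$CHAIN" -i "$LAN_IFACE" -s "$LAN_NET" -p tcp --dport "$port" \
            -j REJECT --reject-with tcp-reset
        # Inbound: remote peer -> LAN host. Only reachable if something
        # DNATs the port in, but cheap to deny explicitly.
        run -A "$CHAIN" -i "$INET_IFACE" -p tcp --dport "$port" -j DROP
    done
}

unblock_p2p() {
    run -D FORWARD -j "$CHAIN"
    run -F "$CHAIN"
    run -X "$CHAIN"
}

case "${1:-}" in
    show)   DRY_RUN=1; block_p2p ;;
    apply)  block_p2p ;;
    remove) unblock_p2p ;;
esac
```

Check the result with `iptables -L FORWARD -n --line-numbers` (the jump to p2p_block must be rule 1) and watch the counters in `iptables -L p2p_block -nv` while iptraf is running. Running `apply` twice inserts the jump twice; run `remove` first. The caveat a practitioner would add: blocking by port number only holds as long as the client keeps using that port, and FastTrack clients can be configured to use another one, which is consistent with the rules from the linked page not stopping the traffic seen in iptraf.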

Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com