Hi everyone!!!
I wrote a FIREWALL rule using IPTABLES; it really works, closing almost
all the ports, and the LINK runs much faster, but it stops IG, MIRC and
ICQ from working.
The script is below. How can I change it to allow only IG, MIRC and ICQ?
Thanks to all.
Joaquim - [EMAIL PROTECTED]
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
. /etc/profile.d/lang.sh
if [ -f /etc/conectiva-release ] ; then
    R=$(cat /etc/conectiva-release)
    # This will overwrite /etc/issue at every boot. So, make any changes you
    # want to make to /etc/issue here or you will lose them when you reboot.
    echo "$R" > /etc/issue.net
    echo "Kernel $(uname -r)" >> /etc/issue.net
    echo >> /etc/issue.net
    if [ -x /usr/bin/linux_logo ] ; then
        clear > /etc/issue
        linux_logo -classic >> /etc/issue
        echo "$R (\l)" >> /etc/issue
        echo >> /etc/issue
    else
        cat /etc/issue.net > /etc/issue
    fi
fi
/etc/rc.d/rc.firewall
/etc/sysconfig/cbq/cbq.init start
iptables -A FORWARD -p tcp --dport 444:3127 -s 0/0 -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -p tcp --dport 444:3127 -s 0/0 -i eth1 -o eth0 -j DROP
iptables -A FORWARD -p tcp --dport 3129:3999 -s 0/0 -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -p tcp --dport 3129:3999 -s 0/0 -i eth1 -o eth0 -j DROP
iptables -A FORWARD -p tcp --dport 4001:6665 -s 0/0 -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -p tcp --dport 4001:6665 -s 0/0 -i eth1 -o eth0 -j DROP
iptables -A FORWARD -p tcp --dport 6669:64000 -s 0/0 -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -p tcp --dport 6669:64000 -s 0/0 -i eth1 -o eth0 -j DROP
/etc/rc.d/init.d/snort start
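
The eight FORWARD rules above, evaluated in order with first-match-wins semantics, as an added example that is not part of the original message. It covers only the rules visible here and assumes nothing added earlier by /etc/rc.d/rc.firewall (not shown) matches first; POLICY means no posted rule matched. The `verdict` helper name and the probe ports 6667 (IRC) and 5190 (ICQ) are assumptions.

```shell
#!/bin/sh
# Added example: which verdict do the posted FORWARD rules give a packet?
# RULES is copied from the message; probe ports at the bottom are assumed.
RULES='
-A FORWARD -p tcp --dport 444:3127 -s 0/0 -i eth0 -o eth1 -j ACCEPT
-A FORWARD -p tcp --dport 444:3127 -s 0/0 -i eth1 -o eth0 -j DROP
-A FORWARD -p tcp --dport 3129:3999 -s 0/0 -i eth0 -o eth1 -j ACCEPT
-A FORWARD -p tcp --dport 3129:3999 -s 0/0 -i eth1 -o eth0 -j DROP
-A FORWARD -p tcp --dport 4001:6665 -s 0/0 -i eth0 -o eth1 -j ACCEPT
-A FORWARD -p tcp --dport 4001:6665 -s 0/0 -i eth1 -o eth0 -j DROP
-A FORWARD -p tcp --dport 6669:64000 -s 0/0 -i eth0 -o eth1 -j ACCEPT
-A FORWARD -p tcp --dport 6669:64000 -s 0/0 -i eth1 -o eth0 -j DROP
'

# verdict PROTO DPORT IN_IF OUT_IF
# Prints the target of the first matching rule, or POLICY when none matches
# (the packet is then decided by the chain policy or by other rules).
verdict() {
    printf '%s\n' "$RULES" | awk -v proto="$1" -v port="$2" \
                                 -v inif="$3" -v outif="$4" '
    $1 == "-A" && $2 == "FORWARD" {
        p = ""; lo = 0; hi = 65535; i_if = ""; o_if = ""; tgt = ""
        for (n = 3; n < NF; n += 2) {          # options come as flag/value pairs
            if ($n == "-p") p = $(n + 1)
            else if ($n == "-i") i_if = $(n + 1)
            else if ($n == "-o") o_if = $(n + 1)
            else if ($n == "-j") tgt = $(n + 1)
            else if ($n == "--dport") {        # single port or lo:hi range
                k = split($(n + 1), r, ":")
                lo = r[1] + 0; hi = (k == 2 ? r[2] : r[1]) + 0
            }                                  # -s 0/0 matches any source
        }
        if (p != "" && p != proto) next
        if (i_if != "" && i_if != inif) next
        if (o_if != "" && o_if != outif) next
        if (port + 0 < lo || port + 0 > hi) next
        print tgt; found = 1; exit             # first match wins
    }
    END { if (!found) print "POLICY" }'
}

# Probe both directions for a few destination ports (assumed service ports).
for port in 80 3128 4000 5190 6667 7000; do
    echo "tcp/$port eth1->eth0: $(verdict tcp "$port" eth1 eth0)" \
         "eth0->eth1: $(verdict tcp "$port" eth0 eth1)"
done
```

Any TCP destination port inside the four ranges is dropped from eth1 to eth0, while ports in the gaps (3128, 4000, 6666-6668), everything below 444 and all UDP traffic are not touched by these rules.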
Archive and [un]subscription: http://linux-br.conectiva.com.br