At 11/21/2001 08:40 AM -0500, you wrote:
>Is it possible to disable all ports except for a few from a specific IP
>address?
>
>For example, if I have one machine (or IP address) in my network that I
>want to disable everything but port 80 and 443, but for the other machines
>leave everything open. Being a somewhat hypothetical situation please
>don't ask why you'd want to do such a thing....

ipchains -A input -i <out_if> -p tcp -s <remote_ip> 1024:65535 -d <local_ip> 80 -j ACCEPT
ipchains -A input -i <out_if> -p tcp -s <remote_ip> 1024:65535 -d <local_ip> 443 -j ACCEPT
ipchains -A input -i <out_if> -p tcp -s <remote_ip> 1024:65535 -d <local_ip> -j REJECT
ipchains -A output -i <out_if> -p tcp ! -y -s <local_ip> -d <remote_ip> 1024:65535 -j REJECT

Allow the two ports, then reject anything else.

-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]
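
An added example, not part of the original post: a first-match simulation of the three input-chain rules above, run on constructed packets, showing why the ACCEPT rules must precede the REJECT. It assumes a chain policy of ACCEPT (the question leaves other machines open), treats every sample packet as TCP arriving on <out_if>, and uses documentation addresses in place of <remote_ip> and <local_ip>; the output-chain rule is not modelled.

```python
from collections import namedtuple

Rule = namedtuple("Rule", "src sports dst dports target")
Packet = namedtuple("Packet", "src sport dst dport")

ANY_PORT = (0, 65535)
HIGH = (1024, 65535)        # the 1024:65535 source-port range in the rules

# Constructed sample addresses standing in for <remote_ip> and <local_ip>.
REMOTE = "192.0.2.10"
LOCAL = "198.51.100.1"

# The three input-chain rules, in the order they were appended with -A.
INPUT_CHAIN = [
    Rule(REMOTE, HIGH, LOCAL, (80, 80), "ACCEPT"),
    Rule(REMOTE, HIGH, LOCAL, (443, 443), "ACCEPT"),
    Rule(REMOTE, HIGH, LOCAL, ANY_PORT, "REJECT"),
]

def matches(rule, pkt):
    """True when addresses match and both ports fall inside the rule's ranges."""
    return (pkt.src == rule.src and pkt.dst == rule.dst
            and rule.sports[0] <= pkt.sport <= rule.sports[1]
            and rule.dports[0] <= pkt.dport <= rule.dports[1])

def verdict(chain, pkt, policy="ACCEPT"):
    """Target of the first matching rule; the chain policy if none match."""
    for rule in chain:
        if matches(rule, pkt):
            return rule.target
    return policy           # assumed default policy, not stated in the post

def evaluate(chain):
    """Verdicts for a fixed set of constructed packets."""
    samples = {
        "http": Packet(REMOTE, 40000, LOCAL, 80),
        "https": Packet(REMOTE, 40001, LOCAL, 443),
        "ssh": Packet(REMOTE, 40002, LOCAL, 22),
        # A different host: no rule names it, so the policy decides.
        "other_host_ssh": Packet("192.0.2.99", 40003, LOCAL, 22),
        # Source port below 1024 is outside 1024:65535, so no rule matches.
        "low_sport_ssh": Packet(REMOTE, 1000, LOCAL, 22),
    }
    return {name: verdict(chain, pkt) for name, pkt in samples.items()}

if __name__ == "__main__":
    for label, chain in (("as posted", INPUT_CHAIN),
                         ("REJECT first", INPUT_CHAIN[::-1])):
        print(label, evaluate(chain))
```

Packets that match no rule, such as the low source port sample, are decided by the chain policy, so the policy is worth checking alongside the rules.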