I'm an utter newbie at iptables. I've read all the wiki on different firewalls, but I think I don't need all the scripts and other stuff, so I did the "simple stateful firewall". Is this OK:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [69:4969]
:interfaces - [0:0]
:open - [0:0]
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j interfaces
-A INPUT -j open
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
-A interfaces -i lo -j ACCEPT
# ed2k
-A open -i eth0 -p tcp -m tcp --dport 54662 -j ACCEPT
# udp ex
-A open -i eth0 -p udp -m udp --dport 54665 -j ACCEPT
# kad
-A open -i eth0 -p udp -m udp --dport 54672 -j ACCEPT
COMMIT
I have one NIC and no other routers or hardware firewall (just cable to modem to NIC).
Is this secure, will anything go wrong? Do I need the amule ports open, or will not adding them just reject anything that doesn't fall into the top states?
Last edited by gav616 (2008-01-24 14:41:59)
bump
The most reliable expert is nmap. Use it to learn more about your machine's security.
Is this secure, will anything go wrong? Do I need the amule ports open, or will not adding them just reject anything that doesn't fall into the top states?
I am not sure about what you are asking, but the above looks fine and you will need the amule ports open for traffic to get through as the initial connection must be made before your stateful rule "RELATED,ESTABLISHED" will work.
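An added example, not part of the original thread: a simplified Python model of first-match traversal over the ruleset posted above. It shows why an unsolicited inbound connection to an aMule port needs the rules in the `open` chain, while replies to outbound traffic are already covered by RELATED,ESTABLISHED. The packet dictionaries and the `state` field (standing in for the conntrack state) are constructed assumptions.

```python
# Simplified model of the posted ruleset; not real netfilter behaviour in full.
# Packets are constructed dicts: iface, proto, dport, state (conntrack state).
POLICY = {"INPUT": "DROP"}

def rule(target, **match):
    return (match, target)

def build_chains(with_amule_ports=True):
    open_chain = [
        rule("ACCEPT", iface="eth0", proto="tcp", dport=54662),  # ed2k
        rule("ACCEPT", iface="eth0", proto="udp", dport=54665),  # udp ex
        rule("ACCEPT", iface="eth0", proto="udp", dport=54672),  # kad
    ] if with_amule_ports else []
    return {
        "INPUT": [
            rule("ACCEPT", proto="icmp"),
            rule("ACCEPT", state={"RELATED", "ESTABLISHED"}),
            rule("interfaces"),   # jump to user-defined chain
            rule("open"),         # jump to user-defined chain
            rule("REJECT tcp-reset", proto="tcp"),
            rule("REJECT icmp-port-unreachable", proto="udp"),
        ],
        "interfaces": [rule("ACCEPT", iface="lo")],
        "open": open_chain,
    }

def matches(match, pkt):
    for key, want in match.items():
        have = pkt.get(key)
        if isinstance(want, set):
            if have not in want:
                return False
        elif have != want:
            return False
    return True

def walk(chains, name, pkt):
    for match, target in chains[name]:
        if not matches(match, pkt):
            continue
        if target not in chains:
            return target                  # terminating target
        result = walk(chains, target, pkt)
        if result is not None:
            return result                  # sub-chain reached a verdict
    return None                            # fell off the end of the chain

def verdict(chains, pkt):
    # The built-in chain's policy applies when no rule terminates.
    return walk(chains, "INPUT", pkt) or POLICY["INPUT"]
```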