You are not logged in.

#1 2005-02-25 04:15:49

T-Dawg
Forum Fellow
From: Wilmington, NC
Registered: 2005-01-29
Posts: 2,734

iptables config for ssh [solved]

Can anyone help me set up my iptables.rules to allow ssh on port 22 while keeping it in stealth? -It's a little above me.
I've got the default rules:

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT 
COMMIT

Offline

#2 2005-02-25 07:16:48

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,615
Website

Re: iptables config for ssh [solved]

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT


"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍

Offline

#3 2005-02-25 11:32:40

T-Dawg
Forum Fellow
From: Wilmington, NC
Registered: 2005-01-29
Posts: 2,734

Re: iptables config for ssh [solved]

Ok that worked, but when I add iptables as a DAEMON in rc.conf, I get a indefinite hang up during boot when it gets to the KDE boot logo. What am I doing wrong?

Offline

#4 2005-02-25 18:35:38

i3839
Member
Registered: 2004-02-04
Posts: 1,185

Re: iptables config for ssh [solved]

I'd add at least the following:

-A INPUT -i lo -j ACCEPT

Offline

#5 2005-02-25 20:47:08

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,615
Website

Re: iptables config for ssh [solved]

yes, and you should really not be editing the script file directly. You should just start iptables, use iptables to add/remove rules, test the settings, and then do an /etc/rc.d/iptables save


"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍

Offline

#6 2005-02-25 23:51:28

T-Dawg
Forum Fellow
From: Wilmington, NC
Registered: 2005-01-29
Posts: 2,734

Re: iptables config for ssh [solved]

Thanks guys, that was the problem -I flushed it and started over.

Offline

Board footer

Powered by FluxBB