[ale] ipchains help?
Chris Ricker
kaboom at gatech.edu
Mon Dec 7 15:10:49 EST 1998
On Mon, 7 Dec 1998, Nomad the Wanderer wrote:
> Ok,
> I have a box compiled for firewalling, etc. I have compiled
> and installed ipchains. I have one interface, eth0. Can anyone
> give me a couple quick lines showing:
>
> deny all incoming on all ports
> allow all incoming ssh from a single host.
Okay, for the first part, you want something like

    ipchains -A input -s /0 -p TCP -j DENY
    ipchains -A input -s /0 -p UDP -j DENY
    ipchains -A input -s /0 -p ICMP -j DENY

and for the second part, something like

    ipchains -I input 1 -p TCP -s source.ip.address -d destination.ip.address 22 -j ACCEPT

Basic explanation:
-s /0 says the source is any machine at all
-p is the port to watch. I don't think there's a specific shorthand for all
network traffic, but TCP, UDP, and ICMP should cover most of the bases ;-).
You should probably check those with the HOWTO to be sure, though.
later,
chris
--
Chris Ricker kaboom at gatech.edu
chris.ricker at m.cc.utah.edu
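
ipchains walks a chain from the top and the first rule that matches decides the packet, so where the ssh rule sits relative to the DENY rules determines whether it ever takes effect. The sketch below is an added example, not part of the original post: a simplified Python model of first-match evaluation that compares the two orderings. The addresses are constructed sample values, and the model only covers protocol, source, destination and destination port.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    target: str                      # ACCEPT or DENY
    proto: str                       # "tcp", "udp" or "icmp"
    src: str = "0.0.0.0/0"           # source network; /0 matches any host
    dst: str = "0.0.0.0/0"           # destination network
    dport: Optional[int] = None      # None = any destination port

    def matches(self, pkt: dict) -> bool:
        return (pkt["proto"] == self.proto
                and ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and (self.dport is None or pkt.get("dport") == self.dport))

def verdict(chain, pkt, policy="ACCEPT"):
    """Walk the chain top to bottom; the first matching rule decides."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy                    # nothing matched: chain policy applies

# Constructed sample addresses (documentation ranges), not from the post.
ADMIN, FIREWALL, OTHER = "192.0.2.10", "192.0.2.1", "198.51.100.7"

DENY_ALL = [Rule("DENY", p) for p in ("tcp", "udp", "icmp")]
SSH_OK = Rule("ACCEPT", "tcp", src=ADMIN + "/32", dst=FIREWALL + "/32", dport=22)

deny_first = DENY_ALL + [SSH_OK]     # ssh rule appended after the DENY rules
ssh_first = [SSH_OK] + DENY_ALL      # ssh rule at the head of the chain

def ssh_from(src):
    """Build a TCP packet to port 22 on the firewall from the given source."""
    return {"proto": "tcp", "src": src, "dst": FIREWALL, "dport": 22}

if __name__ == "__main__":
    for name, chain in (("deny_first", deny_first), ("ssh_first", ssh_first)):
        print(name, "admin:", verdict(chain, ssh_from(ADMIN)),
              "other:", verdict(chain, ssh_from(OTHER)))
```

With the ssh rule behind the blanket DENY rules the admin host is dropped like everyone else; with it at the head of the chain only that host reaches port 22.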