Re: lug-bg: iptables
- Subject: Re: lug-bg: iptables
- From: nikky@xxxxxxx (Nickola Kolev)
- Date: Wed, 3 Jul 2002 09:44:30 +0300 (EEST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 3 Jul 2002, Qsin wrote:
> Jul 3 08:43:51 firewall kernel: fp=UDP:2 a=DROP IN=eth0 OUT=eth1
> SRC=192.168.xxx.yyy DST=129.6.15.28 LEN=76 TOS=0x00 PREC=0x00 TTL=127
> ID=60553 PROTO=UDP SPT=123 DPT=123 LEN=56
>
êðúö... íÿêúäå èìàø ïðàâèëî, êîåòî çàáðàíÿâà ïðîòîêîë UDP è source èëè
destination ïîðò 123, êîåòî ntp (less /etc/services). Ïðîâåðè ïî-âíèìàòåëíî
firewall ñêðèïòà ñè (èëè êàæè íà ÷îâåêà, êîéòî ãî å ïèñàë, äà ãî ïîïðàâè),
è ðàçðåøè âñè÷êî, äå ùî å udp sport 123 dport 123:
iptables -A INPUT -p udp -m udp -s 192.168.xxx.yyy --dport 123 -j ACCEPT
> i chasovnika ne se sverjava.
>
> V iptables otnosno ICMP ima slednite neshta:
>
Ñïîðåä ìåí ïðîáëåìà òè íå å â icmp.
Âñè÷êî íàé-õóáàâî,
Íèêîëà
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9Ip1Ro397UfM+hv0RAnJOAJ9MSwWR07xOzI3Z1t2pBpcijopxwACfUg8j
6OuekNClVxI/+lathbAs7YY=
=C0i8
-----END PGP SIGNATURE-----
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
|