Port 22 How to open it?


Postby Husse on Sat Jul 07, 2007 6:08 pm

Be very careful with what you do with IP-tables - it's extremely hard to get right - I've tried to set rules in a router with IP-tables - small wonder the thing did not fly out of the window :lol:
Don't fix it if it ain't broken, don't break it if you can't fix it
Husse
Level 21
Posts: 19703
Joined: Sun Feb 11, 2007 7:22 am
Location: Near Borås Sweden


Iptables

Postby baomike on Sun Jul 08, 2007 2:27 pm

The first thing to do is look at the HOWTOs
http://www.netfilter.org/documentation/ ... tion-howto

Second, keep the "man iptables" command handy.

I have adopted the "delete all, insert what I want" because it is so much simpler than trying to add/delete rules one at a time.

A look at the man page will show the syntax and that "F" is the flush.
"A" is add, and if you have a blank slate after "F", it is easy. Add in the order you want the stuff, if it matters.

Most operations will be in "filter" if you are not doing NAT or something fancy.

The other items are explained in the man page. I specify "i" (interface) because iptables runs on a dual homed host, and does NAT.
The "p" gives the protocol to act on.
Things like "--dport 15169" tell it to act on destination port 15169.

The "-j" tells it what to do with a match. Often "DROP"

I would emphasize the use of the manual page, it really has most of what you need for simple filtering.
baomike
Level 1
Posts: 38
Joined: Sat Jun 16, 2007 4:55 pm
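
The "flush, then append in order" approach from the post above, applied to this thread's question of opening TCP port 22, as an added example that is not part of any forum post. The interface name eth0, the DRY_RUN switch and the function names are assumptions of the example, and it goes beyond the post by also accepting loopback and established traffic and ending with a catch-all DROP.

```shell
#!/bin/sh
# Added example (not from the thread): flush the INPUT chain, then append rules in order.
IFACE="${IFACE:-eth0}"    # assumed name of the outside interface
DRY_RUN="${DRY_RUN:-1}"   # assumed switch: 1 prints the commands, 0 runs them as root

# Print or execute a single iptables command.
ipt() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

build_rules() {
    # Policy stays ACCEPT during the flush so a remote session survives the gap.
    ipt -t filter -P INPUT ACCEPT
    ipt -t filter -F INPUT
    # Rules are checked top to bottom and the first match decides.
    ipt -t filter -A INPUT -i lo -j ACCEPT
    ipt -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -t filter -A INPUT -i "$IFACE" -p tcp --dport 22 -j ACCEPT
    # Anything not accepted above is dropped.
    ipt -t filter -A INPUT -j DROP
}

# Succeeds only if the port 22 ACCEPT is listed before the catch-all DROP.
rule_order_ok() {
    rules=$( DRY_RUN=1; build_rules )
    ssh_line=$(printf '%s\n' "$rules" | grep -n -e '--dport 22 -j ACCEPT' | cut -d: -f1)
    drop_line=$(printf '%s\n' "$rules" | grep -n -e '-A INPUT -j DROP' | cut -d: -f1)
    [ -n "$ssh_line" ] && [ -n "$drop_line" ] && [ "$ssh_line" -lt "$drop_line" ]
}

# Refuse to touch the firewall if the ordering check fails.
if rule_order_ok; then
    build_rules
else
    echo "rule order check failed, nothing applied" >&2
fi
```

With the default DRY_RUN=1 the script only prints the commands. Rules applied with DRY_RUN=0 last until the next reboot unless they are saved separately.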

Fun with iptables

Postby baomike on Sun Jul 08, 2007 2:39 pm

If you feel mean spirited you might want to investigate some of the following:

#iptables -t filter -A INPUT -p tcp -m tcp --dport 42 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 80 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 135 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 137 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 139 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 445 -j TARPIT
##iptables -t filter -A INPUT -p tcp -m tcp --dport 1433 -j TARPIT #Microsoft-SQL-Server TCP
##iptables -t filter -A INPUT -p tcp -m tcp --dport 1434 -j TARPIT #Microsoft-SQL-Server TCP
#iptables -t filter -A INPUT -p tcp -i eth0 -m tcp --dport 901 -j TARPIT
#

I do not currently use this as it does suck up resources.
It does not drop connections when the other party requests that.
It just hangs on and on and on.
There is a module that must be installed for this to work,
and a reconfiguring of the kernel.

http://www.netfilter.org/projects/patch ... extra.html
baomike
Level 1
Posts: 38
Joined: Sat Jun 16, 2007 4:55 pm
