Port 22 How to open it?

Husse

Post by Husse »

Be very careful with what you do with IP-tables - it's extremely hard to get right - I've tried to set rules in a router with IP-tables - small wonder the thing did not fly out of the window :lol:
baomike

Iptables

Post by baomike »

The first thing to do is look at the HOWTOs
http://www.netfilter.org/documentation/ ... tion-howto

Second, keep the "man iptables" command handy.

I have adopted the "delete all, insert what I want" approach because it is so much simpler than trying to add/delete rules one at a time.

A look at the man page will show the syntax and that "F" is the flush.
"A" is add, and if you have a blank slate after "F", it is easy. Add in the order you want the stuff, if it matters.

Most operations will be in "filter" if you are not doing NAT or something fancy.

The other items are explained in the man page. I specify "i" (interface) because iptables runs on a dual-homed host, and does NAT.
The "p" gives the protocol to act on.
Things like "--dport 15169" tell it to act on destination port 15169.

The "-j" tells it what to do with a match. Often "DROP"

I would emphasize the use of the manual page; it really has most of what you need for simple filtering.
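
Added example, not part of baomike's post: the "delete all, insert what I want" approach written out for the thread's question, leaving TCP port 22 open on the filter INPUT chain. The interface name, the port list and the function names `ruleset` and `apply_rules` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): rebuild the filter INPUT chain from
# scratch and leave TCP port 22 open. Interface name and ports are assumptions.

IPT="${IPT:-iptables}"   # IPT="echo iptables" prints the commands instead

# Print the rule set, one iptables argument line per rule, in match order.
# Ports are validated before anything is printed, so a typo can never
# produce a rule set that flushes and then stops halfway.
ruleset() {
    iface="$1"
    [ -n "$iface" ] || { echo "usage: ruleset IFACE PORT..." >&2; return 1; }
    shift
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2; return 1
        fi
    done
    echo "-t filter -F INPUT"                      # -F: flush, blank slate
    echo "-t filter -A INPUT -i lo -j ACCEPT"      # keep loopback working
    # Replies to connections this host opened, and sessions already running.
    echo "-t filter -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for port in "$@"; do
        echo "-t filter -A INPUT -i $iface -p tcp -m tcp --dport $port -j ACCEPT"
    done
    # Order matters: this catch-all must be appended last. The chain policy
    # is not touched; with the default ACCEPT policy (assumed here) the gap
    # right after the flush lets traffic in rather than locking you out.
    echo "-t filter -A INPUT -j DROP"
}

# Apply the rule set (needs root unless IPT is a dry-run command).
apply_rules() {
    rules=$(ruleset "$@") || return 1
    printf '%s\n' "$rules" | while read -r args; do
        $IPT $args || exit 1       # word splitting of $args is intended
    done
}

# Usage: apply_rules eth0 22
```

Running it with `IPT="echo iptables"` first shows the exact commands without changing the live rules.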
baomike

Fun with iptables

Post by baomike »

If you feel mean spirited you might want to investigate some of the following:

#iptables -t filter -A INPUT -p tcp -m tcp --dport 42 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 80 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 135 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 137 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 139 -j TARPIT
#iptables -t filter -A INPUT -p tcp -m tcp --dport 445 -j TARPIT
##iptables -t filter -A INPUT -p tcp -m tcp --dport 1433 -j TARPIT #Microsoft-SQL-Server TCP
##iptables -t filter -A INPUT -p tcp -m tcp --dport 1434 -j TARPIT #Microsoft-SQL-Server TCP
#iptables -t filter -A INPUT -p tcp -i eth0 -m tcp --dport 901 -j TARPIT
#

I do not currently use this as it does suck up resources.
It does not drop connections when the other party requests that;
it just hangs on and on and on.
There is a module that must be installed for this to work,
and a reconfiguring of the kernel.

http://www.netfilter.org/projects/patch ... extra.html