sslug-teknik team mailing list archive
-
sslug-teknik team
-
Mailing list archive
-
Message #55123
ipchains
Hejsa
Hvilken kæde skal jeg tilføje i ipchains (og hvilke skal slettes) for at
give omverdenen adgang til min webserver (ligger på samme maskine som
laver forbindelse til internettet)??
Lige nu har jeg:
[root@silkeborg root]# ipchains -L
Chain input (policy ACCEPT):
target prot opt source destination
ports
DENY udp ----l- anywhere anywhere any
-> 0:1023
DENY tcp ----l- anywhere anywhere any
-> 0:1023
DENY tcp -y--l- anywhere anywhere any
-> any
DENY icmp ----l- anywhere anywhere
echo-request
Chain forward (policy DENY):
target prot opt source destination
ports
MASQ all ------ anywhere anywhere n/a
Chain output (policy ACCEPT):
Hvis jeg flusher input-kæderne med ipchains -F input virker det fino,
men det er vist en anelse risky... Prøvede osse med
[root@silkeborg root]# ipchains -A input -p tcp -j ACCEPT -s 0/0 -d 0/0
http -y
Hvilket giver:
[root@silkeborg root]# ipchains -L
Chain input (policy ACCEPT):
target prot opt source destination
ports
DENY udp ----l- anywhere anywhere any
-> 0:1023
DENY tcp ----l- anywhere anywhere any
-> 0:1023
DENY tcp -y--l- anywhere anywhere any
-> any
DENY icmp ----l- anywhere anywhere
echo-request
ACCEPT tcp -y---- anywhere anywhere any
-> www
Chain forward (policy DENY):
target prot opt source destination
ports
MASQ all ------ anywhere anywhere n/a
Chain output (policy ACCEPT):
men det virker bare ikke...
--
peace, love & harmony
Atte
Follow ups
