|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ray Leach (raymondl_at_knowledgefactory.co.za)
Date: Mon Jul 22 2002 - 08:06:29 CDT
On Mon, 2002-07-22 at 14:49, Thiego Xavier (MIU) wrote:
>
> > Ok Ray Leach
> > It could send me the rule of iptables please?
> > Thanks?
>
To enable Kazaa clients to share with other internet users:
iptables -A FORWARD -p tcp --dport 1214 -j ACCEPT
iptables -A FORWARD -i $INTERNAL_INTERFACE -p tcp --dport 1024: -s
$INTERNAT_NET -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INTERNAL_INTERFACE -p udp --dport 1024: -s
$INTERNET_NET -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INTERNET_INTERFACE -p tcp --sport 1024: -d
$INTERNAL_NET -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INTERNET_INTERFACE -p udp --sport 1024: -d
$INTERNAL_NET -m state --state ESTABLISHED,RELATED -j ACCEPT
If you run a NAT firewall also these:
iptables -t nat -A POSTROUTING -o $INTERNET_INTERFACE -p tcp --dport
1024: -s $INTERNAL_NET -j SNAT --to-source $INET_IP
iptables -t nat -A POSTROUTING -o $INTERNET_INTERFACE -p udp --dport
1024: -s $INTERNAL_NET -j SNAT --to-source $INET_IP
Substitute the correct interfaces and ips for the $VARIABLES.
Ray
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe
suse.com
> For additional commands, e-mail: suse-security-helpsuse.com
> Security-related bug reports go to securitysuse.de, not here
>
-- To unsubscribe, e-mail: suse-security-unsubscribe
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]