lehrling2
27.02.04, 18:46
hi,
ist die konfig von aussen (internet) sicher?
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Lokkit-0-50-INPUT (2 references)
target prot opt source destination
tcp -- x.x.x.x anywhere tcp flags:SYN,RST,ACK/SYN
ACCEPT udp -- anywhere anywhere udp spt:domain
tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- x.x.x.x anywhere tcp dpt:10000 flags:SYN,RST,ACK/SYN
ACCEPT tcp -- x.x.x.x anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN reject-with icmp-po
rt-unreachable
REJECT udp -- anywhere anywhere udp reject-with icmp-port-unreachable
Gruß
Lehrling
ist die konfig von aussen (internet) sicher?
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Lokkit-0-50-INPUT (2 references)
target prot opt source destination
tcp -- x.x.x.x anywhere tcp flags:SYN,RST,ACK/SYN
ACCEPT udp -- anywhere anywhere udp spt:domain
tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- x.x.x.x anywhere tcp dpt:10000 flags:SYN,RST,ACK/SYN
ACCEPT tcp -- x.x.x.x anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN reject-with icmp-po
rt-unreachable
REJECT udp -- anywhere anywhere udp reject-with icmp-port-unreachable
Gruß
Lehrling