Ist dieses Ruleset in Ordnung? [Archiv] - linuxforen.de -- User helfen Usern

thegrinch

20.08.03, 23:32

Hi Leude!

Habe mir folgendes Ruleset mal zusammengebastelt.

Chain INPUT (policy DROP)
target prot opt source destination
eingang all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain eingang (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp limit: avg 5/sec burst 5
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:11112
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable

Ist das so in Ordnung?

vielen dank für alle Antworten!

so long