From: I.S.C. W. <wil...@gm...> - 2012-07-18 20:45:25
This code is in iptables rules ... Open port 443 to sites Google, Gmail and Hotmail. How can I interpret it in Shorewall?

$IPTABLES -A FORWARD -p tcp -d secure.shared.live.com --dport 443 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -d login.live.com --dport 443 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -d 65.54.165.139 --dport 443 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -d 65.55.128.204 --dport 443 -j ACCEPT
#$IPTABLES -A FORWARD -p tcp -d www.gmail.com --dport 443 -j ACCEPT
#$IPTABLES -A FORWARD -p tcp -d www.google.com --dport 443 -j ACCEPT

What I intend to do with this is to close all the ports and leave https port 443 open only to those sites so they can be used.

2012/7/5 Tom Eastep <te...@sh...>

> On 07/05/2012 08:03 AM, I.S.C. William wrote:
> > How can I interpret this iptables code in Shorewall?
> >
> > iptables -A OUTPUT -d 1.168.0.0/16 -p tcp --dport 443 -j DROP
> > iptables -A FORWARD -d 1.168.0.0/16 -p tcp --dport 443 -j DROP
> > iptables -A INPUT -s 1.168.0.0/16 -p tcp --dport 443 -j DROP
>
> Assuming that 1.168.0.0/16 is in the 'net' zone:
>
> DROP net:1.168.0.0/16 all tcp 443
> DROP all net:1.168.0.0/16 tcp 443
>
> -Tom
> --
> Tom Eastep        \ When I die, I want to go like my Grandfather who
> Shoreline,         \ died peacefully in his sleep. Not screaming like
> Washington, USA     \ all of the passengers in his car
> http://shorewall.net \________________________________________________

--
I.S.C. William López Jiménez
--
User Linux # 379636
MSN wlj...@ho...
Jabber koa...@ja...
Web: www.koalasoftmx.tk
Twitter: @koalasoft
Facebook: william.koalasoft
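
Added example, not part of the original thread and not Shorewall project code: a small translator that turns simple "iptables -A" lines like the ones above into Shorewall rules-file entries (ACTION SOURCE DEST PROTO DPORT), mapping each chain to its own source/destination pair instead of the "all" shorthand used in Tom's reply. It assumes remote addresses are in the 'net' zone, as Tom's reply does, and that forwarded clients sit in a hypothetical 'loc' zone; the sample input is constructed from the rules quoted in the thread.

```python
import shlex

# Constructed sample: rules of the kind quoted in the thread above.
SAMPLE = """\
$IPTABLES -A FORWARD -p tcp -d login.live.com --dport 443 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -d 65.54.165.139 --dport 443 -j ACCEPT
#$IPTABLES -A FORWARD -p tcp -d www.gmail.com --dport 443 -j ACCEPT
iptables -A OUTPUT -d 1.168.0.0/16 -p tcp --dport 443 -j DROP
iptables -A INPUT -s 1.168.0.0/16 -p tcp --dport 443 -j DROP
"""

SUPPORTED = {"-A", "-p", "-s", "-d", "--dport", "-j"}

def to_shorewall(line, remote_zone="net", local_zone="loc"):
    """Translate one simple 'iptables -A' line into a Shorewall rules entry.

    Assumptions: remote addresses are in remote_zone (as in Tom's reply) and
    forwarded traffic originates in local_zone (hypothetical zone name).
    Returns None for blank or commented-out lines.
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    tokens = shlex.split(line)[1:]              # drop "iptables" / "$IPTABLES"
    opts = dict(zip(tokens[0::2], tokens[1::2]))
    if len(tokens) % 2 or not set(opts) <= SUPPORTED:
        raise ValueError(f"unsupported rule: {line}")
    if opts.get("-j") not in {"ACCEPT", "DROP", "REJECT"}:
        raise ValueError(f"unsupported target: {line}")
    chain, src, dst = opts.get("-A"), opts.get("-s"), opts.get("-d")

    def zone(name, addr):
        return f"{name}:{addr}" if addr else name

    if chain == "FORWARD":                      # routed through the firewall
        source, dest = zone(local_zone, src), zone(remote_zone, dst)
    elif chain == "OUTPUT" and not src:         # sent by the firewall itself
        source, dest = "$FW", zone(remote_zone, dst)
    elif chain == "INPUT" and not dst:          # addressed to the firewall
        source, dest = zone(remote_zone, src), "$FW"
    else:
        raise ValueError(f"unsupported chain/address combination: {line}")
    return " ".join([opts["-j"], source, dest,
                     opts.get("-p", "-"), opts.get("--dport", "-")])

def translate(text, **zones):
    """Translate a block of rules, skipping comments and blank lines."""
    return [r for r in (to_shorewall(l, **zones) for l in text.splitlines()) if r]

if __name__ == "__main__":
    print("\n".join(translate(SAMPLE)))
```

Host names in such rules are resolved to addresses once, when the ruleset is loaded, in both iptables and Shorewall, so entries for names like login.live.com only cover the addresses returned at that moment.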