On 2012-10-26 4:43 PM, Levente Uzonyi wrote:
On Thu, 25 Oct 2012, Chris Cunnington wrote:
On 2012-10-25 12:50 PM, Levente Uzonyi wrote: Yes. I would like to see that, please.
Chris
I uploaded the firewall script to http://leves.web.elte.hu/squeak/firewall . This basic version keeps port 22 and 80 open and drops all packets arriving to other ports. If you want something different, then you have to change the rules() function. When the file is copied to /etc/init.d , then
$ /etc/init.d/firewall start
will "start" the firewall. If you want to start it whenever the server is restarting, then just do
$ /etc/init.d/firewall install
I'd suggest commenting out the line
iptables -A INPUT -j DROP
the first time, so you won't lose the connection to the server if anything goes wrong. :)
Levente
This looks cool. I'll start to read it over. If it closes all the ports except 22 and 80, then I'm going to need to learn to add lines for RFB and the Altitude image:
iptables -A INPUT -p tcp --dport 5900 -j ACCEPT #vnc
Thanks for making this available.
Chris