> hello,
>> i have put in some new ipchains rules this week and as a result I have
> lost my connection to sunsite in the UK, which was mounted on
> /mnt/sunsite.
>> What protocol/port do I need to leave open, so that the
> server will have a
> full connection to sunsite?
> A copy of the rules I'm using are at
>http://www.compsoc.com/~dburke/ipchains_rules if I haven't supplied
> enough
> info.
you might also want to block off port 6000 up to 6000+n, for X display :0 to
X :n.
Also, NFS tends to use ports around 2049, which would be better blocked off
(but that's up to rpc.portmap). check rpcinfo -p for other open > 1023
ports.
Portmap is actually a huge pain in the ass for firewalling.. i wonder if
there's a commandline option to limit it to a range of ports?
regards,
paul.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
