Hi,
You might be able to try this
FW_PROTECT_FROM_INTERNAL="yes"
and
FW_SERVICES_INT_TCP="ports seperated by space"
FW_SERVICES_INT_UDP="ports seperated by space"
FW_SERVICES_INT_IP="ports seperated by space"
and only specify the ports that should be open...
all other packets to other ports will be dropped.
e.g. :
FW_SERVICES_INT_TCP="22 80 3128 8000:8100"
(this is just an example)
22 ssh
80 web
3128 proxy
8000:8100 range of ports fo a particular service.
_____________________________________________
Make money while you work !!! No surfing required!
http://www.degoo.com/index.php?refid=mersco
This is for real !!!
----- Original Message -----
From: "Lindomar C. dos Santos"
Hi,
In URL http://209.249.46.222/linux/como-iptables-servicios.php have the follow rules,
# Yahoo! Messenger /sbin/iptables -A FORWARD -p TCP --dport 5000:5010 -j REJECT /sbin/iptables -A FORWARD -d cs.yahoo.com -j REJECT /sbin/iptables -A FORWARD -b scsa.yahoo.com -j REJECT
Thanks for the Hint! But how do I implement this in SuSEfirewall2?
bye
Mike
Gesendet über Mailserver: begros.de! Trotz sorgfältiger Virenprüfung können wir für eventuelle Schäden, die durch nicht erkannte Computerviren entstehen, keine Haftung übernehmen.
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here