You can tell I’m busy. No posts today so far. Installing Apache, MySQL, PHP on a new machine, and fiddling with firewalls.
Anyone good at iptables stuff? How do I let MSN Messenger through? The following would work fine if not for Messenger!
# /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A FORWARD -j RH-Lokkit-0-50-INPUT
# lan
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s 192.168.1.0/255.255.255.0 -d 0/0 -j ACCEPT
# ssh
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
# smtp
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
# dns
-A RH-Lokkit-0-50-INPUT -p udp -m udp -s dns1_server1 --sport 53 -d 0/0 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s dns_server2 --sport 53 -d 0/0 -j ACCEPT
# localhost
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
# reject everything else
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT
COMMIT
I found reAim, which is a compact transparent proxy designed to be run on or behind a Linux iptables-based firewall.
Trying to proxy through Squid didn’t work either, I got the following error:
TCP_DENIED/403 1020 CONNECT messenger.hotmail.com:1863 - NONE/- -
That’s annoying.
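A TCP_DENIED/403 on a CONNECT like the one above means an http_access rule in Squid refused the tunnel. The following is an added example, not part of the original post: a Python script that scans native-format access.log lines and lists denied CONNECTs to ports outside the proxy's allowed set. The sample log lines are constructed, and the allowed set (443 and 563, the SSL_ports of a stock squid.conf) is an assumption about this proxy's configuration.

```python
import re
from collections import Counter

# Assumption: stock squid.conf, where "http_access deny CONNECT !SSL_ports"
# limits CONNECT tunnels to ports 443 and 563.
ASSUMED_SSL_PORTS = {443, 563}

# Native access.log fields: time elapsed client code/status bytes method URL ident peer type
LINE_RE = re.compile(
    r"^(?P<time>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<code>[A-Z_]+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+"
    r"(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<ident>\S+)\s+(?P<peer>\S+)\s+(?P<type>\S+)$"
)

# Constructed sample lines (timestamps, clients and example.com hosts are made up).
SAMPLE_LOG = """\
1038496800.123     12 192.168.1.10 TCP_DENIED/403 1020 CONNECT messenger.hotmail.com:1863 - NONE/- -
1038496801.456    340 192.168.1.10 TCP_MISS/200 3120 CONNECT login.example.com:443 - DIRECT/192.0.2.10 -
1038496802.789      9 192.168.1.11 TCP_DENIED/403 1020 CONNECT messenger.hotmail.com:1863 - NONE/- -
1038496803.012     80 192.168.1.11 TCP_MISS/200 512 GET http://www.example.com/ - DIRECT/192.0.2.20 text/html
"""

def denied_connects(lines, allowed_ports=ASSUMED_SSL_PORTS):
    """Return (client, host, port) for each denied CONNECT to a port not in allowed_ports."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["method"] != "CONNECT" or m["code"] != "TCP_DENIED":
            continue
        # CONNECT targets are logged as host:port, with no scheme or path.
        host, _, port = m["url"].rpartition(":")
        if port.isdigit() and int(port) not in allowed_ports:
            hits.append((m["client"], host, int(port)))
    return hits

def summarize(hits):
    """Count denials per (host, port) so repeated offenders stand out."""
    return Counter((host, port) for _, host, port in hits)

if __name__ == "__main__":
    for (host, port), n in summarize(denied_connects(SAMPLE_LOG.splitlines())).items():
        print(f"{n} denied CONNECT(s) to {host}:{port} (port not in {sorted(ASSUMED_SSL_PORTS)})")
```

If the denied port is one you intend to permit, the matching change belongs in the proxy's ACLs, scoped to that destination rather than opening CONNECT to all ports.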

Donncha,
Some of the information you need might be available here