Re: iptables & tcp wrappers
- From: Michael Schwendt <fedora wir-sind-cool org>
- To: Discussions about configuration tool development <fedora-config-list redhat com>
- Subject: Re: iptables & tcp wrappers
- Date: Sat, 25 Sep 2004 12:47:53 +0200

On Fri, 24 Sep 2004 13:23:13 -0700, Meatplow wrote:
> I'm running RH Enterprise edition.
>
> I'm relatively new to iptables. I am getting the common intrusion
> attempts with some of the common uses of test/guest/root/ and a
> couple others I've been able to add the IPs to iptables, but
> I'd really like a log that tells me the info that I want to know.

So, why don't you use LOG rules for that?

> My basic input command is this :
> #iptables -A INPUT -p tcp -s PUT_IP_HERE -d 0/0 --syn -j DROP
>
> iptables seem a little convoluted. Example. To delete a line -
> supposedly give it a line and it will be deleted/modified. My
> problem is even with #iptables -L -v there is no line number?

Read "man iptables" => iptables -L --line-numbers

Iptables can also delete based on full command-lines, that means if
you give it the above command, just replace the -A with -D to delete it.

> My goal is to block all incoming ssh attempts except IP#.
> This is where I got into hosts.allow/deny as mentioned below.
>
> I've tried to find many different types of commands and it works to
> some degree, but not the way I'd expect it to.
>
> Any help would be appreciated. I'm not completely sure that I
> understand iptables as well as I want/need to. I've also toyed
> around with the hosts.allow/hosts.deny and have not been successful.

What have you tried? Have you read the manual pages?

--
Fedora Core release 2 (Tettnang) - Linux 2.6.7-1.494.2.2
loadavg: 0.00 0.13 0.13
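
The points raised in this message (a LOG rule ahead of the DROP, SSH allowed from a single address, listing rules with line numbers, deleting with -D) combined into one sketch. This is an added example, not part of the original message; the function names, the 5/min log rate limit, the "SSH-DROP: " prefix and the address 192.0.2.10 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example. ssh_ruleset, valid_ipv4 and 192.0.2.10 are hypothetical
# names and a constructed documentation address, not values from the thread.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; safe, only digits and dots remain
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print an iptables-restore ruleset for the filter table on stdout.
# Order matters: the first matching rule wins, and LOG is non-terminating,
# so it must sit directly before the DROP it is meant to record.
ssh_ruleset() {
    allowed=$1
    valid_ipv4 "$allowed" || { echo "invalid IPv4 address: $allowed" >&2; return 1; }
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -s $allowed --dport 22 --syn -j ACCEPT
-A INPUT -p tcp --dport 22 --syn -m limit --limit 5/min -j LOG --log-prefix "SSH-DROP: "
-A INPUT -p tcp --dport 22 --syn -j DROP
COMMIT
EOF
}

# Review the generated rules; as root, pipe them into iptables-restore
# (which replaces the current filter table), then inspect or remove rules:
#   iptables -L INPUT -n --line-numbers
#   iptables -D INPUT 4        # delete by the number shown in the listing
ssh_ruleset 192.0.2.10
```

Refused connections then show up in the kernel log with the SSH-DROP: prefix, each entry carrying SRC= and DPT= fields for the source address and destination port.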