Re: ipchains rule

[David Barr <dafydd2277 mac com>]

On Wednesday, Oct 29, 2003, at 13:15 US/Pacific, djo wrote:

> hi - this should be simple, but the learning curve for ipchains is 
> akin to a
> brick wall.
>
> I have a RH9 server. The security level was set to "high" during the 
> install
> process. It only has one LAN card (eth0).
>
> I now want to allow specific IP addresses access to samba (ports 
> 137:139?).
>
> Can anyone help me out?

Well, first you want to look at iptables, not ipchains. RH switched 
with version 8.

A sample command for that would be something like:

iptables -A INPUT -p tcp -m tcp --destination-port 137:139 -j ACCEPT

plus a switch for identifying a specific ip address, which I don't know 
off the top of my head.

I actually have an executable text file that clears my iptables, and 
then runs a bunch of iptables commands for specific conditions. That 
allows me to quickly and easily edit the whole set. Once I'm happy,

# service iptables save

saves the configuration for the next boot process.

Cheers!
David

--

David - Offbeat				http://www.dafydd.com
dafydd - Online
Fire2 - Burning Man ESD: Integrity*Commitment*Communication*Support

The United States of America
It's not just for WASPS any more. --me