Firewall and TCP
Mike Klinke
lsomike at futzin.com
Wed Mar 23 14:38:17 UTC 2005
On Wednesday 23 March 2005 08:30, Michael Marsh wrote:
> I have a hardware firewall that forwards incoming connections on
> port 80 to port 22 (I can't ssh to my home box from work if I
> don't use port 80 since all other outgoing ports are blocked). I
> am trying to build an additional iptables firewall on my linux
> box which sits behind the router. Obviously port 80 is open to
> the world and the world thinks it is an http port so I am getting
> alot of hack attempts. Is there a way to identify any non ssh
> packets and stop them in their tracks. This is tricky since my
> own ssh connection will travel to port 80 and is then forwarded
> to port 22 behind the router. Are TCP packets identified by port
> number or service type or both. Thanks in advance... I need a
> little education.
>
> ___________________
Since ssh expects an encrypted connection it will identify the
non-ssh protocol and disconnect.
You can also set up your firewall(s) to only allow certain IP
addresses through.
Regards, Mike Klinke
More information about the fedora-list
mailing list