Iptables questions
Adam Gilstrap
agilstrap at infoprogroup.com
Thu Apr 8 16:49:42 UTC 2004
Those ports are used for IPSec services.
Adam Gilstrap
agilstrap at infoprogroup.com
Director of Information Technology
Phone:(706)724-1555
Fax:(706)262-5912
-----Original Message-----
From: Ryan Golhar [mailto:golharam at umdnj.edu]
Sent: Thursday, April 08, 2004 9:13 AM
To: redhat-list at redhat.com
Subject: Iptables questions
I recently installed Enterprise AS and set up the firewall using
redhat-config-securitylevel to only allow ssh traffic through. I then
looked at iptables and see the following:
# Firewall configuration written by redhat-config-securitylevel # Manual
customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A
RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A
RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT
Its allowing icmp traffic, traffic on ports 50 & 51 as well. Why is that?
Shouldn't it just allow ssh traffic? What is ports 50 & 51 used for? I
didn't see it in /etc/services
-----
Ryan Golhar
Computational Biologist
The Informatics Institute at
The University of Medicine & Dentistry of NJ
Phone: 973-972-5034
Fax: 973-972-7412
Email: golharam at umdnj.edu
More information about the redhat-list
mailing list