yogee
08-08-2001, 01:16 PM
I have a Linksys cable/DSL router and have 4 PCs hooked up to it. One of them is a Red Hat 7.1 system with many ports I need to use as services. This Red Hat system has nothing hooked up to it (i.e. monitor, keyboard or mouse) and all my systems have static IPs. My real IP changes (not very often at all) via DHCP service. I'm using webmin and vncserver to use and control the entire system. In the router setup I have set the Red Hat system as the DMZ host, which takes effect after all other rules on ports that have been set up on the router. For those of you not familiar with DMZ, it opens the entire system specified by way of its static IP to the entire internet, only after other rules have taken effect on the router. I would like to use ipchains OR iptables on the Red Hat system to firewall it, leaving the services needed open to use. In webmin on the Red Hat system there is an ipchains module to configure the system firewall, but I can't or don't want to use it as a starting point. Really though, I don't know how to work it at all. It's very confusing. When I set up Red Hat, I used the firewall config and it left me with some basic ipchains rules, which are posted at the bottom of this message. I added some ports (while setting up Red Hat) to open the webmin and vncserver services so I could get in and control the system. What services are port 22 and 25? 25 I'm guessing is ssh and 25 I'll guess is dns. Can this (ipchains) be changed over to an iptables rule set easily, or is it still too early to get good help?
Also, this system is booting in run level 3. Vncserver seems to have gone and clunked out on me. I can launch it and open the login screen but can't actually get in. I'm not sure what I did, but I would like to reinstall it or something to get it working again. Any ideas on that?
What I need opened: port 80, www server / port 21, ftp server / port 10000, webmin server w/SSL encryption (can be set to anything) / ports 5801 - 5805, vncservers (just in case one crashes I'll move to the next launched vncserver via ssh login inside webmin) / SSH
I have no idea why or what these are in the following rules created by Red Hat's ipchains configuration upon installation. I know what the DNS is, but why it was included is beyond me.
-A input -s DNS.DNS.DNS.* 53 -d 0/0 -p udp -j ACCEPT
-A input -s DNS.DNS.DNS.* 53 -d 0/0 -p udp -j ACCEPT
I think this rule is telling the system that the default rule is to reject.
-A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
-A input -s 0/0 -d 0/0 -p udp -j REJECT
My current firewall rules, but it is disabled right now!
# Firewall configuration written by lokkit
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
# firewall; such entries will *not* be listed here.
:input ACCEPT
:forward ACCEPT
:output ACCEPT
-A input -s 0/0 -d 0/0 10000 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 5801 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 5802 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 5803 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 5804 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 5805 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -s DNS.DNS.DNS.* 53 -d 0/0 -p udp -j ACCEPT
-A input -s DNS.DNS.DNS.* 53 -d 0/0 -p udp -j ACCEPT
-A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
-A input -s 0/0 -d 0/0 -p udp -j REJECT
[ 08 August 2001: Message edited by: yogee ]
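Added example, not part of yogee's post: a like-for-like translation of the lokkit-style ipchains lines above into iptables commands, where ipchains `-y` becomes `--syn`, a port written after the address becomes `--sport`/`--dport`, and the `input` chain becomes `INPUT`. The function names are hypothetical, only the input chain and the options seen in the posted file are handled, and the nameserver address is constructed.

```python
import shlex

# Constructed sample in the lokkit/ipchains format from the post; 192.0.2.53 is
# a documentation address standing in for the redacted nameserver.
SAMPLE = """\
:input ACCEPT
-A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -s 192.0.2.53 53 -d 0/0 -p udp -j ACCEPT
-A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
-A input -s 0/0 -d 0/0 -p udp -j REJECT
"""
ANY = ("0/0", "0.0.0.0/0")                    # "any address" needs no iptables match
POLICY = {"ACCEPT": "ACCEPT", "DENY": "DROP"}  # ipchains DENY is iptables DROP
TARGETS = dict(POLICY, REJECT="REJECT")

def translate_line(line):
    """Return the iptables command for one ipchains line, or None for blanks/comments."""
    tok = shlex.split(line, comments=True)
    if not tok:
        return None
    if tok[0].startswith(":"):                # ":input ACCEPT" sets the chain policy
        return f"iptables -P {tok[0][1:].upper()} {POLICY[tok[1]]}"
    if tok[:2] != ["-A", "input"]:
        raise ValueError(f"only '-A input' rules are handled: {line!r}")
    parts, match, ports, syn, target, i = {"-i": [], "-p": []}, [], [], [], None, 2
    while i < len(tok):
        opt = tok[i]
        if opt == "-y":                       # match only connection-opening SYN packets
            syn, i = ["--syn"], i + 1
            continue
        val, i = tok[i + 1], i + 2
        if opt in ("-s", "-d"):
            if val not in ANY:
                match += [opt, val]
            if i < len(tok) and not tok[i].startswith("-"):   # port follows the address
                ports += ["--sport" if opt == "-s" else "--dport", tok[i]]
                i += 1
        elif opt in parts:                    # -i interface, -p protocol
            parts[opt] = [opt, val]
        elif opt == "-j":
            target = TARGETS[val]
        else:
            raise ValueError(f"unsupported option {opt!r}")
    if target is None or ((ports or syn) and not parts["-p"]):
        raise ValueError(f"rule needs -j, and -p before port or SYN matches: {line!r}")
    return " ".join(["iptables", "-A", "INPUT", *parts["-i"], *parts["-p"],
                     *match, *ports, *syn, "-j", target])

def translate(text):
    return [cmd for cmd in map(translate_line, text.splitlines()) if cmd]
```

Rule order is preserved, so the ACCEPT lines still come before the closing REJECT lines, as in the lokkit file.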