[wplug] iptable problems

coldfire rolick571 at duq.edu
Sun Dec 16 18:29:47 EST 2001


> > #SSH
> > iptables -A INPUT -i ppp0 -p tcp --sport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
> 
> >You probably want --dport 22.  This rule accepts any connection 
> >originating from port 22 on the remote machine connecting to any port 
> >on the machine you're trying to protect. 
> 
> I have this rule:
> iptables -A OUTPUT -o ppp0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

But that rule specifies ppp0 as the outgoing interface ... if you want to
be able to ssh into that particular machine, you should be concerned with
the incoming interface.


coldie
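
An added example, not part of the original message or thread: a POSIX shell check that reads iptables rule lines and flags INPUT ACCEPT rules that admit NEW connections while matching only on the remote source port, the --sport/--dport mix-up discussed above. The function name `flag_sport_new` and the sample rules (modelled on the ones quoted in the thread) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample rule set. Line 1 is the rule questioned in the thread;
# lines 3-4 are the inbound-SSH form; line 5 is ordinary return traffic for
# an outbound SSH client and must not be flagged.
SAMPLE_RULES='iptables -A INPUT -i ppp0 -p tcp --sport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o ppp0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i ppp0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o ppp0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -i ppp0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT'

# Read rules on stdin; print "<line number>: <rule>" for every INPUT ACCEPT
# rule that filters on --sport without --dport and still lets NEW packets in.
flag_sport_new() {
    n=0
    while IFS= read -r rule; do
        n=$((n + 1))
        # Only inbound ACCEPT rules are of interest.
        case " $rule " in *" -A INPUT "*) ;; *) continue ;; esac
        case " $rule " in *" -j ACCEPT "*) ;; *) continue ;; esac
        # Must match on the remote source port and not on a local port.
        case " $rule " in *" --sport "*) ;; *) continue ;; esac
        case " $rule " in *" --dport "*) continue ;; esac
        # Extract the state list from --state or --ctstate, if present.
        states=$(printf '%s\n' "$rule" |
            sed -n 's/.*--\(ct\)*state \([A-Z,]*\).*/\2/p')
        # A rule with no state match accepts every packet, NEW included.
        case ",${states:-NEW}," in
            *,NEW,*) printf '%s: %s\n' "$n" "$rule" ;;
        esac
    done
    return 0
}

# Stand-alone run over the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | flag_sport_new
```

On a live system the input could come from `iptables -S`, which prints rules in the same `-A CHAIN ...` form without the leading `iptables` word.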
