Recipe 2.6 Blocking Incoming Service Requests

Previous page
Table of content
Next page

2.6.1 Problem

You want to block connections to a particular network service, for example, HTTP.

2.6.2 Solution

To block all incoming HTTP traffic:

For iptables:

# iptables -A INPUT -p tcp --dport www -j REJECT

For ipchains:

# ipchains -A input -p tcp --dport www -j REJECT

To block incoming HTTP traffic but permit local HTTP traffic:

For iptables:

# iptables -A INPUT -p tcp -i lo --dport www -j ACCEPT # iptables -A INPUT -p tcp --dport www -j REJECT

For ipchains:

# ipchains -A input -p tcp -i lo --dport www -j ACCEPT # ipchains -A input -p tcp --dport www -j REJECT

2.6.3 Discussion

You can also block access at other levels such as TCP-wrappers. [Recipe 3.9][Recipe 3.11]

2.6.4 See Also

iptables(8), ipchains(8).

Previous page
Table of content
Next page
Linux Security Cookbook
Linux Security Cookbook
ISBN: 0596003919
EAN: 2147483647
Year: 2006
Pages: 247
Authors: Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
BUY ON AMAZON
ERP and Data Warehousing in Organizations: Issues and Challenges
Cisco IP Communications Express: CallManager Express with Cisco Unity Express
Cisco Voice Gateways and Gatekeepers
MySQL Cookbook
Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
Ruby Cookbook (Cookbooks (OReilly))
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy