Bug 78723
Summary: | Protecting portmap With iptables | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | juha.heljoranta |
Component: | rhl-sg | Assignee: | Johnray Fuller <jrfuller> |
Status: | CLOSED RAWHIDE | QA Contact: | Tammy Fox <tammy.c.fox> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 8.0 | CC: | jha |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | noarch | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2003-02-14 00:19:12 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
juha.heljoranta
2002-11-28 11:15:20 UTC
I will look iinto this and update the server chapter for the next revision. Thank you so much for catching this. Take care, Johnray Below are two example iptables commands that allow TCP connections to the portmap service (listening on port 111) from the 192.168.0/24 network and from the localhost (which is necessary for the sgi_fam service used by Nautilus). All other packets are dropped. iptables -A INPUT -p tcp -s 127.0.0.1 --dport 111 -j ACCEPT Thanks for catching that. Johnray |