From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Message-ID: <455495B4.9020207@gmail.com> Date: Sat, 11 Nov 2006 03:07:32 +1200 From: Alexey Borovskoy User-Agent: Mozilla Thunderbird 1.0.8 (X11/20060422) X-Accept-Language: ru-ru, ru MIME-Version: 1.0 To: ALT Linux Community References: <20061110164153.556eb648.dolgov@mail.zp.ua> In-Reply-To: <20061110164153.556eb648.dolgov@mail.zp.ua> X-Enigmail-Version: 0.92.0.0 OpenPGP: id=11F3BDE1 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit Subject: Re: [Comm] =?koi8-r?b?7sHT1NLPysvBIGlwdGFibGVzIMkgy9TPLdbFIM/Uy9LZ?= =?koi8-r?b?zCDQz9LUPw==?= X-BeenThere: community@lists.altlinux.org X-Mailman-Version: 2.1.9rc1 Precedence: list Reply-To: ALT Linux Community List-Id: ALT Linux Community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Nov 2006 15:07:34 -0000 Archived-At: List-Archive: List-Post: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oleg Dolgov пишет: > Откуда взялся Port 21 (ftp)? > $IPTABLES -A allowed -p TCP --syn -j ACCEPT Отсюда взялся. "Разрешить установку новых входяших соединений без ограничений". Можно к примеру так: $IPT -P INPUT DROP $IPT -F INPUT ##INPUT $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT $IPT -A INPUT -m state --state INVALID -j DROP $IPT -A INPUT -p icmp --icmp-type 8 -j ACCEPT $IPT -A INPUT -p icmp --icmp-type 11 -j ACCEPT $IPT -A INPUT -m limit --limit 3/min -j LOG --log-level DEBUG - -- Алексей. GPG key fingerprint 949B BC0E 2C44 7528 4F63 2753 E37A 9E3F 11F3 BDE1 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFFVJW043qePxHzveERAoKKAJ9WdWupRTRVYXMSWI8DiL6yfVp+ngCgo+8V tFNJLP7Xzi8w3UzXHiRIbpo= =cUS9 -----END PGP SIGNATURE-----