From: Volkan YAZICI (volkany@phreaker.net)
Date: Tue 18 Nov 2003 - 06:56:47 EST
merhabalar,
yaptigim iptables kurallari su sekilde:
<!-- OPN: cmd_screen -->
bash$ cat /var/lib/iptables/defrules
# Generated by iptables-save v1.2.6a on Sat Nov 1 20:06:47 2003
*filter
:INPUT ACCEPT [2387:374626]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [245:13653]
[0:0] -A INPUT -p icmp -j DROP
[0:0] -A INPUT -s xxx.xx.xxx.xx -p tcp -m tcp --tcp-flags SYN,RST,ACK
SYN -j ACCEPT
[0:0] -A INPUT -s 127.0.0.1 -p tcp -m tcp --tcp-flags
SYN,RST,ACK SYN -j ACCEPT
[0:0] -A INPUT -p tcp -m tcp --tcp-flags
SYN,RST,ACK SYN -j DROP
[0:0] -A INPUT -m unclean -j DROP
[0:0] -A OUTPUT -m unclean -j DROP
COMMIT
# Completed on Sat Nov 1 20:06:47 2003
<!-- CLS: cmd_screen -->
bu kurallar cercevesinde bir ftp server'a baglandigim zaman...
<!-- OPN: cmd_screen -->
bash$ ftp xxx
Connected to xxx.
220 ProFTPD 1.2.8 Server ready.
Name (xxx:user): uname
331 Password required for uname.
Password:
230 User uname logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
_
<!-- CLS: cmd_screen -->
goruldugu uzre "200 PORT command successful" satirinda sonra islem
donuyor. yani kilitlenme falan yok ama oyle bekliyor hep. fakat iptables
-F yaptigimda sorun kalmiyor.
bu konuda yardimci olursaniz cok sevinirim.
iyi calismalar.
linux-sohbet listesinden cikmak ve tum listeci islemleri icin
http://liste.linux.org.tr/ adresini kullanabilirisniz.
Bu listeden cikmak icin <a href="mailto:linux-sohbet-request@liste.linux.org.tr?Subject=unsubscribe">tiklayiniz</a>