Solved

Simple question: closing ports

Posted on 2001-08-11
6
295 Views
Last Modified: 2010-03-18
I want to close off some ports on my machine and I was told to use iptables (I have kernel 2.4.3). I can't figure out how to do it from the man page. What command would I issue to say close off port 111?
0
Comment
Question by:deck16
6 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 75 total points
Comment Utility
iptables -A FORWARD -d <your-IP> --dport 111 -j DROP
iptables -A INPUT   -d localhost --dport 111 -j DROP

# you need to have packetfiltering enabled in the kernel
0
 
LVL 1

Expert Comment

by:zxcvzxcv
Comment Utility
you put a place to put my IP. I don't have a static IP. What do I put there? (localhost?)
0
 

Author Comment

by:deck16
Comment Utility
rrr, I hate the auto-login (sorry for posting with a different account I'm at by brother's house (zxcvzxcv) not used to having to logout and then back in :-)
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 7

Expert Comment

by:HalldorG
Comment Utility
What about

ADDR=$(/sbin/ifconfig ppp0 | grep addr | cut -d':' -f 2 | cut -d' ' -f 1)

There the address is set as it IP number of your machine
and later refer to the IP address as $ADDR

Like


iptables -A FORWARD -d $ADDR/32 --dport 111 -j DROP




0
 

Author Comment

by:deck16
Comment Utility
why $ADDR/32 in the iptables argument?
0
 
LVL 7

Expert Comment

by:HalldorG
Comment Utility
that is the mask for the address 32 bits = 255.255.255.255
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now