Michael1457
Technical User
I'm trying to configure a firewall for AIX to accept incoming connections on ports 22 and 443 and deny everything else. All is ok; the server accepts connections only on 22 and 443, but after that I also need to accept all outgoing connections -- ssh and telnet, for example. So I started with
Afterwards, I had to accept outgoing connections, so I introduced another rule:
and after that tried more rules:
But outgoing connections still not working, does anyone have any knowledge about this?
Code:
[tt]genfilt -v 4 -a P -s 0.0.0.0 -m 0.0.0.0 -d x.x.x.x -M 255.255.255.255 -c tcp -o any -p 0 -O eq -P 22 -w I -i all
genfilt -v 4 -a P -s 0.0.0.0 -m 0.0.0.0 -d x.x.x.x -M 255.255.255.255 -c tcp -o any -p 0 -O eq -P 443 -w I -i all
genfilt -v 4 -a D -s 0.0.0.0 -m 0.0.0.0 -d x.x.x.x -M 255.255.255.255 -c tcp -o any -p 0 -O any -P 0 -w I -i all[/tt]
Code:
genfilt -v 4 -a P -s 0.0.0.0 -m 0.0.0.0 -d x.x.x.x -M 255.255.255.255 -c tcp -o any -p 0 -O eq -P 22 -w I -i all
genfilt -v 4 -a P -s 0.0.0.0 -m 0.0.0.0 -d x.x.x.x -M 255.255.255.255 -c tcp -o any -p 0 -O eq -P 443 -w I -i all
**genfilt -v 4 -a P -s x.x.x.x -m 255.255.255.255 -d 0.0.0.0 -M 0.0.0.0 -c tcp -o any -p 0 -O any -P 0 -r L -w O -i all**
genfilt -v 4 -a D -s 0.0.0.0 -m 0.0.0.0 -d x.x.x.x -M 255.255.255.255 -c tcp -o any -p 0 -O any -P 0 -w I -i all
Code:
genfilt -v 4 -a P -s 0.0.0.0 -m 0.0.0.0 -d 0.0.0.0 -M 0.0.0.0 -c tcp/syn -o any -p 0 -O any -P 0 -w O -i all
genfilt -v 4 -a P -s 0.0.0.0 -m 0.0.0.0 -d 0.0.0.0 -M 0.0.0.0 -c tcp -o any -p 0 -O any -P 0 -w O -i all