Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IPFW

Status
Not open for further replies.

ReN101

Technical User
Mar 26, 2003
3
AU
howdy guys , quick query , i'm interested in finding out if its posible to change the state of open ports through whatever means , from open to Filtered

thanx

ReN
 
Sure there is. But could you be a little more specific? Like which ports do you need open, when and why, and which ones you need closed, etc..

There are so many ways to do it, it'll make your head spin. Hope I was of some help...
--OR--
Thanks for the help...
--Rich

 
ok great , basically i've firewalled out all non esential ports, open ones
eg 21,22,25,80,110,3306

but on scans they appear as open and i'd like to change tthe state to closed
 
ERROR in the above post

REVISED
-------

ok great , basically i've firewalled out all non esential ports, open ones
eg 21,22,25,80,110,3306

but on scans they appear as open and i'd like to change tthe state to filtered
 
Are you saying that you have ports 21,22,25,etc. open (and want them to be open) but you want them to appear closed?
 
What type of firewall have you compiled? OPEN, CLOSED, UNKNOWN or custom. I'll assume you have open and are using IPFW. To block a port, say Telnet 21, to all outside traffice but 2 subnets 1.2.3.4 and 5.6.7.8 to your box 2.5.4.1, add these rules:

ipfw add 700 allow tcp from 1.2.3.4/24 to 2.5.4.1 23 via xl0
ipfw add 710 allow tcp from 5.6.7.8/24 to 2.5.4.1 23 via xl0
ipfw add 720 deny tcp from any to 2.5.4.1 23 via xl0

Of course you can use whatever ruleset number you use instead of 700, 710, and 720 as well as use your NIC in place of xl0.

Hope this helps.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top