From: "hare ram" <hareram@sol.net.in>
To: dharmu@nsecure.net, Raymond Leach <raymondl@knowledgefactory.co.za>
Cc: Netfilter Mailing List <netfilter@lists.netfilter.org>
Subject: Re: Time based rules ...
Date: Thu, 14 Nov 2002 15:07:01 +0530 [thread overview]
Message-ID: <02df01c28bc1$626488e0$13fcc5cb@nextto> (raw)
In-Reply-To: 200211141144.21999.dharmu@nsecure.net
yes
P-O-m support the time module
please check the Netfilter
hare
----- Original Message -----
From: "Dharmendra.T" <dharmu@nsecure.net>
To: "Raymond Leach" <raymondl@knowledgefactory.co.za>
Cc: "Netfilter Mailing List" <netfilter@lists.netfilter.org>
Sent: Thursday, November 14, 2002 11:44 AM
Subject: Re: Time based rules ...
> But I don't think we can specify the time option in iptables. If any
modules
> are there using which we can specify the time let us know.
>
> Regards,
> Dharmendra.T
> Linux Security Expert
> www.nsecure.net
> dharmu@nsecure.net
> On Thursday 14 November 2002 10:12, Raymond Leach wrote:
> > Hi
> >
> > Yes, all my chains default policies are set to DROP.
> >
> > I believe in taking the paranoid approach to security: assume everything
> > is bad and then only allow what you know to go where you want it to. I'm
> > sure you know the cliche by now :- 'where do you want to go today?'
> >
> > On Linux we know where we want to go ...
> >
> > Ray
> >
> > On Thu, 2002-11-14 at 07:08, Dharmendra.T wrote:
> > > What is the default polic you have set for? I guess it is by dropping
all
> > > the packets froom the forward chain and then you are allowing
> > > accordingly. Regards,
> > > Dharmendra.T
> > > Linux Security Expert
> > > www.nsecure.net
> > > dharmu@nsecure.net
> > >
> > > On Wednesday 13 November 2002 20:31, Raymond Leach wrote:
> > > > Hi
> > > >
> > > > Is there a way to put time restrictions on rules?
> > > > For eaxmple, something like:
> > > >
> > > > iptables -A FORWARD -i eth0 -p tcp -sport 1024: -dport 1024: -time
> > > > 0700:1700 -j DROP
> > > >
> > > > It would be nice ...
> > > >
> > > > Ray
>
> --
>
>
>
next prev parent reply other threads:[~2002-11-14 9:37 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-11-13 15:01 Time based rules Raymond Leach
2002-11-13 16:00 ` Chris Poupart
2002-11-13 16:00 ` Raymond Leach
2002-11-14 5:08 ` Dharmendra.T
2002-11-14 4:42 ` Raymond Leach
2002-11-14 6:14 ` Dharmendra.T
2002-11-14 6:54 ` Fabrice MARIE
2002-11-14 9:37 ` hare ram [this message]
[not found] <FD8F124A387AD6119F7900A0D218B321487E43@hslex01.hsl-brabantzuid.nl>
2002-11-13 15:50 ` Rob Sterenborg
2002-11-13 17:53 ` Raymond Leach
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='02df01c28bc1$626488e0$13fcc5cb@nextto' \
--to=hareram@sol.net.in \
--cc=dharmu@nsecure.net \
--cc=netfilter@lists.netfilter.org \
--cc=raymondl@knowledgefactory.co.za \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.