From: hellbreak <hellbreak@vrlteam.org>
To: netfilter@lists.netfilter.org
Cc: Antony Stone <Antony@Soft-Solutions.co.uk>
Subject: Re: nmap
Date: Wed, 23 Oct 2002 00:38:47 +0200
Message-ID: <20021023003847.2c36777a.hellbreak@vrlteam.org>
In-Reply-To: <20021022183147.PITY17202.mta01-svc.ntlworld.com@there>

Thank you Antony for your idea.
But... if I set my OUTPUT to DROP, which ports and protocols can I set to ACCEPT to run nmap to allow scans of other machines?

Thx 

On Tue, 22 Oct 2002 19:31:42 +0100
Antony Stone <Antony@Soft-Solutions.co.uk> wrote:

> On Tuesday 22 October 2002 4:42 pm, antonio wrote:
> 
> > Hi Everyone,
> >
> > Just a question:
> > I want to set up a firewall box with iptables in which I can use nmap.
> > Which ports/protocols can I set to ACCEPT and which to DROP?
> 
> Do you mean you want to run nmap on a box also running netfilter, to scan 
> other machines ?
> 
> If so, set your OUTPUT policy to ACCEPT, set your INPUT policy to DROP with a 
> single rule:
> 
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> 
> and you'll be able to scan other machines and get the replies back, but 
> anything new coming in to your machine will be blocked.
> 
> If I didn't understand correctly what you wanted to do please give more 
> details.
> 
> Antony.
> 
> -- 
> 
> Which part of 'apt-get dist-upgrade' do you not understand ???
> 
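
Why the single INPUT rule quoted above is enough to get scan replies back, shown as a simplified model of the state match. This is an added example, not part of the original thread and not netfilter's own code; the addresses, ports and helper names are constructed for illustration.

```python
# Simplified model of the quoted ruleset (not netfilter itself):
#   OUTPUT policy ACCEPT, INPUT policy DROP,
#   INPUT rule: -m state --state ESTABLISHED,RELATED -j ACCEPT
FIREWALL = "192.0.2.10"    # constructed: the box running iptables and nmap
TARGET = "198.51.100.5"    # constructed: a machine being scanned
OTHER = "203.0.113.9"      # constructed: an unrelated outside host

def pkt(note, proto, src, sport, dst, dport, quoted=None):
    return dict(note=note, proto=proto, src=src, sport=sport,
                dst=dst, dport=dport, quoted=quoted)

def classify(p, tracked):
    """Return the state an inbound packet would match in this model."""
    if p["proto"] == "icmp-error":
        # An ICMP error quotes the packet that triggered it; if that packet
        # belongs to a tracked flow, the error counts as RELATED.
        return "RELATED" if p["quoted"] in tracked else "INVALID"
    # A reply is the tracked flow with source and destination swapped.
    reply_of = (p["proto"], p["dst"], p["dport"], p["src"], p["sport"])
    return "ESTABLISHED" if reply_of in tracked else "NEW"

def run(packets):
    tracked, verdicts = set(), []
    for p in packets:
        if p["src"] == FIREWALL:     # OUTPUT chain: policy ACCEPT, flow gets tracked
            tracked.add((p["proto"], p["src"], p["sport"], p["dst"], p["dport"]))
            verdicts.append((p["note"], "OUTPUT", "ACCEPT"))
        else:                        # INPUT chain: the one rule, then policy DROP
            state = classify(p, tracked)
            ok = state in ("ESTABLISHED", "RELATED")
            verdicts.append((p["note"], state, "ACCEPT" if ok else "DROP"))
    return verdicts

SAMPLE = [  # constructed packet sequence
    pkt("probe to open port", "tcp", FIREWALL, 40000, TARGET, 80),
    pkt("SYN-ACK from open port", "tcp", TARGET, 80, FIREWALL, 40000),
    pkt("probe to closed port", "tcp", FIREWALL, 40001, TARGET, 81),
    pkt("RST from closed port", "tcp", TARGET, 81, FIREWALL, 40001),
    pkt("UDP probe", "udp", FIREWALL, 40002, TARGET, 161),
    pkt("ICMP port unreachable", "icmp-error", TARGET, None, FIREWALL, None,
        quoted=("udp", FIREWALL, 40002, TARGET, 161)),
    pkt("unsolicited SYN to ssh", "tcp", OTHER, 55555, FIREWALL, 22),
]

if __name__ == "__main__":
    for row in run(SAMPLE):
        print(row)
```

Replies are accepted only because the outbound probe created the tracked flow first; the last packet has no such flow and falls through to the DROP policy.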

