<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"> <TITLE>Message</TITLE> <META content="MSHTML 6.00.2800.1400" name=GENERATOR></HEAD> <BODY> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>Sure, Here are my rules:</FONT></SPAN></DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2></FONT></SPAN> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>*filter<BR>:INPUT ACCEPT [0:0]<BR>:FORWARD ACCEPT [0:0]<BR>:OUTPUT ACCEPT [0:0]<BR>:ADDRESS-FILTER - [0:0]<BR>:LINWIZ-INPUT - [0:0]<BR>:REJECT-PKT - [0:0]<BR>:SYN-FLOOD - [0:0]</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A INPUT -j LINWIZ-INPUT</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>######################################################################<BR># Allow all loopback interface traffic</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -i lo -j ACCEPT</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Block all attempts to spoof the loopback address</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -s 127.0.0.0/8 -j LOG --log-prefix "SPOOFED-LOOPBACK: "<BR>-A LINWIZ-INPUT -s 127.0.0.0/8 -j DROP<BR>-A LINWIZ-INPUT -d 127.0.0.0/8 -j LOG --log-prefix "SPOOFED-LOOPBACK: "<BR>-A LINWIZ-INPUT -d 127.0.0.0/8 -j DROP</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Block Syn Flood attacks</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -p tcp -m tcp --syn -j SYN-FLOOD</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Ensure that TCP connections start with syn packets</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -p tcp -m tcp ! --syn -m state --state NEW -j LOG --log-prefix "SYN-EXPECTED: "<BR>-A LINWIZ-INPUT -p tcp -m tcp ! --syn -m state --state NEW -j DROP</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Allow session continuation traffic</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Allow all ssh traffic</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -p tcp -m tcp --dport 22 -j ACCEPT</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Call the IP and MAC address filtering chain</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -j ADDRESS-FILTER</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Allow ICMP ping requests from allowed hosts</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -p icmp -m icmp --icmp-type ping -j ACCEPT</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Allow selected TCP/IP and/or UDP services</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -p tcp -m tcp --dport 111 -j ACCEPT<BR>-A LINWIZ-INPUT -p tcp -m tcp --dport 389 -j ACCEPT<BR>-A LINWIZ-INPUT -p tcp -m tcp --dport 636 -j ACCEPT<BR>-A LINWIZ-INPUT -p tcp -m tcp --dport 2049 -j ACCEPT<BR>-A LINWIZ-INPUT -p tcp -m tcp --dport 4000:4003 -j ACCEPT<BR>-A LINWIZ-INPUT -p udp -m udp --dport 111 -j ACCEPT<BR>-A LINWIZ-INPUT -p udp -m udp --dport 2049 -j ACCEPT<BR>-A LINWIZ-INPUT -p udp -m udp --dport 4000:4003 -j ACCEPT<BR>-A LINWIZ-INPUT -p tcp -m tcp --dport 515 -j ACCEPT<BR>-A LINWIZ-INPUT -p udp -m udp --dport 515 -j ACCEPT<BR>-A LINWIZ-INPUT -p tcp -m tcp --dport 27000 -j ACCEPT<BR>-A LINWIZ-INPUT -p tcp -m tcp --dport 27005 -j ACCEPT</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># Block all other TCP/IP and UDP traffic</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A LINWIZ-INPUT -j REJECT-PKT</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>######################################################################<BR># Syn flood filtering chain</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>-A SYN-FLOOD -m limit --limit 1/s --limit-burst 4 -j RETURN<BR>-A SYN-FLOOD -j LOG --log-prefix "SYN-FLOOD: "<BR>-A SYN-FLOOD -j DROP</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>######################################################################<BR># Chain used to reject all TCP/IP, UDP and ICMP/PING packets</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># This is Windows NetBIOS broadcasts<BR>-A REJECT-PKT -p udp -m udp --sport 137:138 --dport 137:138 -j DROP<BR># this IP:port address to flooding the network with broadcast messages<BR>-A REJECT-PKT -p udp -m udp -s 192.168.170.110 --sport 11002 --dport 11001 -j DROP<BR>-A REJECT-PKT -p tcp -m tcp -j LOG<BR>-A REJECT-PKT -p tcp -m tcp -j REJECT --reject-with tcp-reset<BR>-A REJECT-PKT -p udp -m udp -j LOG<BR>-A REJECT-PKT -p udp -m udp -j REJECT --reject-with icmp-port-unreachable<BR>-A REJECT-PKT -p icmp -m icmp --icmp-type ping -j LOG<BR>-A REJECT-PKT -p icmp -m icmp --icmp-type ping -j REJECT --reject-with icmp-host-unreachable</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>######################################################################<BR># IP and MAC address filtering chain</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2># asparagine<BR>-A ADDRESS-FILTER -s 192.168.170.176 -j RETURN<BR>...a bunch more here...<BR>-A ADDRESS-FILTER -j REJECT-PKT</FONT></SPAN></DIV> <DIV> </DIV> <DIV><SPAN class=491345720-29052004><FONT face=Arial color=#0000ff size=2>COMMIT<BR></FONT></SPAN></DIV> <DIV> </DIV> <DIV> </DIV> <P><FONT size=2>-----<BR>Ryan Golhar<BR>Computational Biologist<BR>The Informatics Institute at<BR>The University of Medicine & Dentistry of NJ<BR><BR>Phone: 973-972-5034<BR>Fax: 973-972-7412<BR>Email: golharam@umdnj.edu</FONT> </P> <BLOCKQUOTE style="MARGIN-RIGHT: 0px"> <DIV></DIV> <DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left><FONT face=Tahoma size=2>-----Original Message-----<BR><B>From:</B> redhat-list-bounces@redhat.com [mailto:redhat-list-bounces@redhat.com] <B>On Behalf Of </B>Pegambar<BR><B>Sent:</B> Friday, May 28, 2004 10:09 PM<BR><B>To:</B> redhat-list@redhat.com<BR><B>Subject:</B> Rapid Application<BR><BR></FONT></DIV> <P>hello </P> <P>can anyone tell me Rapid Application Development tools(like VB) in Linux. I use Glade but it require most of the coding behind after creating the front end. is there anything(s) more? with licence or without licence.</P> <P>thanks</P><BR><BR> <DIV> <DIV> <P><FONT color=#00bf60>Allah Hafiz</FONT></P> <P><FONT color=#0000bf>ik katra us ky Fazl ny darya bana dya</FONT></P> <P><FONT color=#0000bf>mai khaq tha usy ny surrya bana dya</FONT></P> <P>Adam</P></DIV></DIV> <P><BR> <HR SIZE=1> Post your free ad now! <A href="http://ca.personals.yahoo.com/"><B>Yahoo! Canada Personals</B></A><BR></BLOCKQUOTE></BODY></HTML>