Firewall and TCP
Michael Marsh
m at mmm7.com
Wed Mar 23 14:30:50 UTC 2005
I have a hardware firewall that forwards incoming connections on port 80
to port 22 (I can't ssh to my home box from work if I don't use port 80
since all other outgoing ports are blocked). I am trying to build an
additional iptables firewall on my linux box which sits behind the
router. Obviously port 80 is open to the world and the world thinks it
is an http port so I am getting alot of hack attempts. Is there a way to
identify any non ssh packets and stop them in their tracks. This is
tricky since my own ssh connection will travel to port 80 and is then
forwarded to port 22 behind the router. Are TCP packets identified by
port number or service type or both. Thanks in advance... I need a
little education.
___________________
More information about the fedora-list
mailing list