Topic: Blocking Ports on sme 6.0.1

[byte]

Hi,

I have searched the forums and there are many answers that i found didnt work on this version 6.0.1, does anyone know how to simply block ports? i.e port 110.

I know Muzo done a contrib which is good but no yet complete.

Thank you for your time

[Anonymous]

I think there is a port program in sme custom iso

[byte]

I had look at the custom and there is not one there...

Something like http://e-smith.dyndns.org/filessme/rpms/sme-denyport-1.0-4.noarch.rpm would be what im after but only works on 5.6

Any more suggestions?

[briank]

Hi
I would have expected sme-denyport-1.0-4.noarch.rpm to work on 6 as they both use iptables. Have you tried?
Regards
Brian K

[byte]

Brian,

I have tried and its not compaitble with 6.0.1

anyother sugguestions?

[briank]

Hmmm - I will have a look at the source for denyport because I think the iptables part should work. Maybe there are changes to the server-manager.
The best I can offer is to add a rule for each port.
See http://no.longer.valid/phpwiki/index.php/How%20to%20block%20AOL%20Instant%20Messenger%20and%20other%20ports for a howto on how to make a template fragment and for iptables use this instead of the chain rule that he gives
iptables --append OUTPUT -s localhost -p tcp --dport 5090 -j DROP   (substitute your port number)
This rule needs to be ahead of the accept ALL rule!
Check with iptables -L or view with Muzo's contrib.
Let me know if this works for you.
Regards
Brian Kirk

[Rien]

May be this works for you: http://www.dungog.net/sme/help/SMEhelp/Masq.html from Dungog.net ( http://www.dungog.net/sme )

Rien