You can tell I’m busy. No posts today so far. Installing Apache, MySQL, PHP on a new machine, and fiddling with firewalls.
Anyone good at iptables stuff? How do I let MSN Messenger through? The following would work fine if not for Messenger!

# /etc/sysconfig/iptables
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A FORWARD -j RH-Lokkit-0-50-INPUT

# lan
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s -d 0/0 -j ACCEPT

# ssh
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT

# smtp
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT

# dns
-A RH-Lokkit-0-50-INPUT -p udp -m udp -s dns1_server1 --sport 53 -d 0/0 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s dns_server2 --sport 53 -d 0/0 -j ACCEPT

# localhost
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT

# reject everything else
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT

I found reAim which is a compact transparent proxy designed to be run on or behind a Linux IPTables based firewall.
Trying to proxy through Squid didn’t work either, I got the following error:

TCP_DENIED/403 1020 CONNECT messenger.hotmail.com:1863 – NONE/- –

That’s annoying.

One thought on “Busy

Leave a Reply

%d bloggers like this:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.