iptables and ldap
Darin Perusich
darinper at cognigencorp.com
Tue Nov 5 10:25:57 EST 2002
hello,
i'm setting up an iptables script and for some unknown reason i can't
get the ldap client rule working, yet my ldap server rule is working
fine. at this point i just want to get the rule working, i'll refign it
further later.
here's the rule, default policy is DROP.
LAN_IP="172.16.0.85
LAN_INTERFACE="eth0"
LOCAL_NETWORK="172.16.0.0/24"
PRIVPORTS="0:1024"
UNPRIVPORTS="1024:65535"
# LDAP Client
# -----------
iptables -A INPUT -i $LAN_INTERFACE -p tcp \
--source-port $UNPRIVPORTS \
--destination-port 389 -j ACCEPT
iptables -A OUTPUT -i $LAN_INTERFACE -p tcp \
--source-port 389 \
--destination-port $UNPRIVPORTS -j ACCEPT
# LDAP Server
# -----------
iptables -A INPUT -i $LAN_INTERFACE -p tcp \
-s $LOCAL_NETWORK --source-port $UNPRIVPORTS \
-d $LAN_IP --destination-port ldap -j ACCEPT
iptables -A OUTPUT -o $LAN_INTERFACE -p tcp \
-s $LAN_IP --source-port ldap \
-d $LOCAL_NETWORK --destination-port $UNPRIVPORTS -j ACCEPT
--
Darin Perusich
Unix Systems Administrator
Cognigen Corp.
darinper at cognigencorp.com
More information about the nflug
mailing list