iptables rules for botnet

 
^CJ^
Posted: Tue Sep 13, 2005 5:17 am    Post subject: iptables rules for botnet

Hi,

I'm running eggdrop behind an iptables firewall which is kind of restrictive. Because of that, I can't run my eggdrop as a botnet hub, as incoming connections from the high port range are dropped, which means userfiles can't be received. Can anyone suggest some good rules to make it work without being too insecure? I found an eggdrop-conntrack in the patch-o-matic, but it requires a 2.6 kernel, which I don't have.

thanks!
demond
Posted: Tue Sep 13, 2005 2:35 pm

Code:

/usr/sbin/iptables -A INPUT -s 0/0 -p TCP --dport 10000:10020 -j ACCEPT


will allow inbound TCP connections from anywhere on your reserved-portrange 10000:10020
^CJ^
Posted: Tue Sep 13, 2005 4:37 pm

OK, I know how to do that, but how do I teach my eggdrop to use those specific ports for userfile exchange?
De Kus
Posted: Tue Sep 13, 2005 4:48 pm

Quote:
# If you want all dcc file transfers to use a particular portrange either
# because you're behind a firewall, or for other security reasons, set it
# here.
#set reserved-portrange 2010:2020

reading rulez

So when opening 10000-10020, you could use 10000 for users, 10001 for bots and 10002-10020 for dcc.
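
Added example, not part of any post in this thread and not eggdrop's own code: a shell check that every port an eggdrop config uses falls inside the range opened by the iptables rule above. It assumes 1.6-style `listen <port> <type>` lines; the helper name `check_ports` and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): confirm that every port eggdrop will
# accept connections on lies inside the range the firewall rule opens.

# Constructed sample config, using the 10000/10001/10002-10020 split above.
SAMPLE_CONF='listen 10000 users
listen 10001 bots
set reserved-portrange 10002:10020'

# check_ports CONF LOW HIGH  (hypothetical helper)
# LOW and HIGH are the bounds of the --dport range in the ACCEPT rule.
# Prints one line per problem and returns 0 only when there are none.
check_ports() {
    printf '%s\n' "$1" | awk -v lo="$2" -v hi="$3" '
        function inside(p) { return p + 0 >= lo + 0 && p + 0 <= hi + 0 }
        /^[ \t]*#/ { next }    # a commented-out setting is not in effect
        $1 == "listen" && !inside($2) {
            print "listen port " $2 " outside " lo ":" hi; bad = 1
        }
        $1 == "set" && $2 == "reserved-portrange" {
            seen = 1
            n = split($3, r, ":")
            if (n != 2 || r[1] + 0 > r[2] + 0 || !inside(r[1]) || !inside(r[2])) {
                print "reserved-portrange " $3 " outside " lo ":" hi; bad = 1
            }
        }
        END {
            if (!seen) { print "reserved-portrange not set, transfer ports are not pinned"; bad = 1 }
            exit bad + 0
        }'
}

check_ports "$SAMPLE_CONF" 10000 10020 && echo "config fits 10000:10020"
```

A config that still has `#set reserved-portrange 2010:2020` commented out fails the check, which is the situation the original question describes.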
^CJ^
Posted: Wed Sep 14, 2005 6:06 am

De Kus wrote:
reading rulez


It indeed does (embarrassed)

thank you!