^CJ^ Voice
Joined: 10 Sep 2005 Posts: 12
|
Posted: Tue Sep 13, 2005 5:17 am Post subject: iptables rules for botnet |
|
|
Hi,
I'm running eggdrop behind an iptables firewall which is kind of restrictive. Because of that, I can't run my eggdrop as a botnet hub, as incoming connections from the high port range are dropped, which means userfiles can't be received. Can anyone suggest some good rules to make it work without being too insecure? I found an eggdrop-conntrack in the patch-o-matic, but it requires a 2.6 kernel, which I don't have.
Thanks! |
|
demond Revered One

Joined: 12 Jun 2004 Posts: 3073 Location: San Francisco, CA
|
Posted: Tue Sep 13, 2005 2:35 pm Post subject: |
|
|
| Code: |
/usr/sbin/iptables -A INPUT -s 0/0 -p TCP --dport 10000:10020 -j ACCEPT
|
will allow inbound TCP connections from anywhere on your reserved-portrange 10000:10020 |
|
^CJ^ Voice
Joined: 10 Sep 2005 Posts: 12
|
Posted: Tue Sep 13, 2005 4:37 pm Post subject: |
|
|
| OK, I know how to do that, but how do I teach my eggdrop to use those specific ports for userfile exchange? |
|
De Kus Revered One

Joined: 15 Dec 2002 Posts: 1361 Location: Germany
|
Posted: Tue Sep 13, 2005 4:48 pm Post subject: |
|
|
| Quote: | # If you want all dcc file transfers to use a particular portrange either
# because you're behind a firewall, or for other security reasons, set it
# here.
#set reserved-portrange 2010:2020 |
reading rulez
so when opening 10000-10020, you could use 10000 for users, 10001 for bots and 10002-10020 for dcc.
_________________
De Kus
StarZ|De_Kus, De_Kus or DeKus on IRC
Copyright © 2005-2009 by De Kus - published under The MIT License
Love hurts, love strengthens... |
|
^CJ^ Voice
Joined: 10 Sep 2005 Posts: 12
|
Posted: Wed Sep 14, 2005 6:06 am Post subject: |
|
|
| De Kus wrote: | | reading rulez |
it indeed does
thank you! |
|
|
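An added example, not part of the original thread: a shell script that reads the `reserved-portrange` setting quoted above from eggdrop config text and prints one iptables rule per known bot address instead of accepting from 0/0, so the firewall range cannot drift from the bot's. The function names, the peer addresses and the 1024 lower bound are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): keep iptables in step with eggdrop's
# reserved-portrange. Function names and peer IPs are hypothetical.

# Print START:END taken from eggdrop config text on stdin.
# Fails when the setting is absent or still commented out ("#set ..."),
# because eggdrop would then not confine transfers to a fixed range.
portrange_from_conf() {
    range=$(sed -n 's/^[[:space:]]*set[[:space:]]\{1,\}reserved-portrange[[:space:]]\{1,\}\([0-9]\{1,5\}:[0-9]\{1,5\}\).*/\1/p' | tail -n 1)
    [ -n "$range" ] || return 1
    start=${range%%:*}
    end=${range##*:}
    # This example's policy: unprivileged ports only, no inverted ranges.
    [ "$start" -ge 1024 ] && [ "$end" -le 65535 ] && [ "$start" -le "$end" ] || return 1
    printf '%s\n' "$range"
}

# Print one ACCEPT rule per trusted peer for new inbound TCP connections.
# Usage: gen_rules START:END PEER_IP...
gen_rules() {
    ports=$1
    shift
    for peer in "$@"; do
        printf 'iptables -A INPUT -p tcp -s %s --dport %s --syn -j ACCEPT\n' \
            "$peer" "$ports"
    done
}

# Constructed sample input: the relevant part of an eggdrop.conf.
sample_conf='# because you are behind a firewall, set it here.
set reserved-portrange 10000:10020'

# Constructed peer addresses (documentation ranges); use your bots' IPs.
if conf_range=$(printf '%s\n' "$sample_conf" | portrange_from_conf); then
    gen_rules "$conf_range" 192.0.2.10 198.51.100.7
else
    echo "reserved-portrange not set; no rules generated" >&2
fi
```

The script only prints the rules; review them before applying.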