
#-----------------------------------------------------------------------
# Copyright (C) 2000-2001, Jean-Sebastien Morisset <jsmoriss@mvlan.net>
#-----------------------------------------------------------------------
# $Id: stacheldraht,v 1.4 2001/08/11 17:01:21 jsmoriss Exp $
#-----------------------------------------------------------------------
# README
#-----------------------------------------------------------------------
#
# These rules were developed based on <http://xforce.iss.net/alerts/
# advise43.php>.
#
# To install, copy this file to /etc/firewall-modules/public/strict-
# mode/stacheldraht. There's no need to execute rc.firewall with the 
# --update-config parameter.
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

echo "Deny $INTOPT $NETADDR Port# $UNPRIVPORTS/tcp -> $ANY Stacheldraht Server (logged)"
ipchains -A $OUTCHAIN -j DENY -p tcp -y -s $NETADDR $UNPRIVPORTS -d $ANY 16660 -l
ipchains -A $OUTCHAIN -j DENY -p tcp -y -s $NETADDR $UNPRIVPORTS -d $ANY 60001 -l

