
Securing-Optimizing-RH-Linux-1_2_119
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca © Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ® 119 # Invoked from /etc/rc.d/init.d/firewall. # chkconfig: - 60 95 # description: Starts and stops the IPCHAINS Firewall \ #              used to provide Firewall network services. # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. if [ ${NETWORKING} = "no" ] then         exit 0 fi [ -f /sbin/ipchains ] || exit 0 # See how we were called. case "$1" in   start)         echo -n "Starting Firewalling Services: " # Some definitions for easy maintenance. # ---------------------------------------------------------------------------- #  EDIT THESE TO SUIT YOUR SYSTEM AND ISP. EXTERNAL_INTERFACE="eth0"                    # whichever you use LOOPBACK_INTERFACE="lo" IPADDR="208.164.186.2" ANYWHERE="any/0" NAMESERVER_1="208.164.186.1"      # Your primary name server NAMESERVER_2="208.164.186.2"      # Your secondary name server SYSLOG_SERVER="mail.openarch.com"         # Your syslog internal server SYSLOG_CLIENT="208.164.168.0/24"          # Your syslog internal client LOOPBACK="127.0.0.0/8" CLASS_A="10.0.0.0/8" CLASS_B="172.16.0.0/12" CLASS_C="192.168.0.0/16" CLASS_D_MULTICAST="224.0.0.0/4" CLASS_E_RESERVED_NET="240.0.0.0/5" BROADCAST_SRC="0.0.0.0" BROADCAST_DEST="255.255.255.255" PRIVPORTS="0:1023" UNPRIVPORTS="1024:65535" # ---------------------------------------------------------------------------- # SSH starts at 1023 and works down to 513 for # each additional simultaneous incoming connection. SSH_PORTS="1022:1023"                     # range for SSH privileged ports  # traceroute usually uses -S 32769:65535 -D 33434:33523 TRACEROUTE_SRC_PORTS="32769:65535" TRACEROUTE_DEST_PORTS="33434:33523" # ---------------------------------------------------------------------------- # Default policy is DENY