review of hardening guide

Paul W. Frields stickster at gmail.com
Sun Apr 3 13:26:55 UTC 2005


On Sat, 2005-04-02 at 21:50 -0800, tuxxer wrote:
> On Wed, 2005-03-30 at 22:17 -0800, Rahul Sundaram wrote:
> [BIIIIG Snip]
> 
> > 
> > http://members.cox.net/tuxxer/iptables-fw-config.html
> > 
> > It is possible to provide a port range here. More
> > information is available in the Red Hat docs.
> > redhat.com/docs.
> 
> Where?  I've looked in the RH documentation, the Security guide etc.
> I've run a couple searches.  I've tried all of the "standard" range
> indicators (-:;,) ....
> 
> I'll continue to google it, to see if I find anything, but if you have a
> specific link, that would be great!

I've read the Python code to the extent I'm able, and it *doesn't*
appear to be possible. Colons are recognized as a token to separate
ports and protocols, but other than that, only the first series of
numerals up to any non-numeral will be used as a port designator. In
other words, if you enter something like 9990-9999:tcp, no error gets
thrown, but what iptables will get is "--port 9990:tcp".  Of course the
iptables command will take ranges, but not system-config-securitylevel.

Rahul, from what source are you deriving this?

-- 
Paul W. Frields, RHCE
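
The silent truncation described in the message above, as an added example that is not part of the original post and is not the tool's own code. `lenient_parse` models the described behaviour (leading digits kept, the rest dropped without error), while the hypothetical `strict_parse` and `audit` helpers reject such input instead; all names and sample entries are constructed, and limiting protocols to tcp/udp is an assumption.

```python
import re

# Constructed model of the behaviour described in the message above.
# This is NOT the system-config-securitylevel source code.
def lenient_parse(entry):
    """Split on ':' and keep only the leading digits of the port field."""
    port_field, _, proto = entry.partition(":")
    m = re.match(r"\d+", port_field)
    return (int(m.group()) if m else None, proto)

# Hypothetical strict form: exactly one port number, then ':', then a protocol.
# Limiting protocols to tcp/udp is an assumption made for this example.
_STRICT = re.compile(r"(\d{1,5}):(tcp|udp)")

def strict_parse(entry):
    """Return (port, proto) or raise ValueError; never truncates input."""
    m = _STRICT.fullmatch(entry.strip())
    if m is None:
        raise ValueError(f"not a single port:protocol entry: {entry!r}")
    port = int(m.group(1))
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return port, m.group(2)

def audit(entries):
    """List entries the lenient model accepts but silently alters."""
    flagged = []
    for entry in entries:
        try:
            strict_parse(entry)
        except ValueError:
            flagged.append((entry, lenient_parse(entry)))
    return flagged

# Constructed sample input, in the port:protocol form quoted in the thread.
SAMPLE = ["22:tcp", "9990-9999:tcp", "53:udp", "8080,8081:tcp"]

if __name__ == "__main__":
    for entry, used in audit(SAMPLE):
        print(f"{entry!r} would be applied as port {used[0]}/{used[1]}")
```

Running `audit` over a saved list of entries shows which firewall rules would open a different port set than the one typed.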