[H-GEN] iptables autoblocking

David O'Brien dob12460 at bigpond.net.au
Fri Jul 22 03:23:47 EDT 2005


On Friday 22 July 2005 15:25, Michael Anthon wrote:
> > Anyway, that aside, a normal user *can* do port redirects but they
> > cannot redirect privileged ports (i.e. ports <= 1024).  IRC generally
>
> Just to clarify this a little since I think it's a bit confusing.  The
> restriction is actually that only root may set up LISTENING ports in
> the privileged space.  So, for example, if you wanted to redirect a
> LOCAL port, say 666 to a remote port 666 at the other end then you
> only need root access on the local end.  If you are redirecting a
> REMOTE privileged port to a local listening port then the root access
> is required at the remote end and you must then log in as root.
>
> As Josh mentioned, what you are doing falls into the former category
> so you only need local root access (if you were using a privileged
> port... which you probably aren't).
>
> Clear as mud ??
>

Absolutely. I'm almost anticipating going back to work to try it  :-) And of 
course, I only use it for legitimate work things...

David

-- 
Living with Linux, paying alimony to Windows



