
#-----------------------------------------------------------------------
# README
#-----------------------------------------------------------------------
#
# These rules were developed based on <http://xforce.iss.net/alerts/
# advise43.php>.
#
# To install, copy this file to /etc/firewall-modules/public/strict-
# mode/stacheldraht. There's no need to execute rc.firewall with the 
# --update-config parameter.
#
#-----------------------------------------------------------------------
# CHANGES
#-----------------------------------------------------------------------
#
# 2001-03-28  Jean-Sebastien Morisset <jsmoriss@mvlan.net>
#             Replaced INCHAIN by OUTCHAIN.
# 2000-10-17  Jean-Sebastien Morisset <jsmoriss@mvlan.net>
#             Initial module written for v5.0.
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

echo "Deny $INTOPT $NETADDR Port# $UNPRIVPORTS/tcp -> $ANY Stacheldraht Server (logged)"
ipchains -A $OUTCHAIN -j DENY -p tcp -y -s $NETADDR $UNPRIVPORTS -d $ANY 16660 -l
ipchains -A $OUTCHAIN -j DENY -p tcp -y -s $NETADDR $UNPRIVPORTS -d $ANY 60001 -l

