Specifications

4 SuSE Live CD for Firewall
Protocol type: TCP, UDP, ICMP
Source port
Destination port
ICMP type
Source address
Destination address
Interface: eth0, ppp0, etc.
Inversion
Protocol type
Protocols may be specified with their numerical protocol type or, for the special cases TCP, UDP, and ICMP, with their names. These names are not case-sensitive, so TCP is the same as tcp. A list of names together with their corresponding numbers can be found in /etc/protocols. The protocol specification can be negated with a ‘!’: ! TCP means all packets except TCP. If no protocol is specified, the rule matches all protocols.
Source and destination port
In the case of TCP and UDP, a large range of additional options is available to restrict the selection of packets. Most frequently used is restricting the choice to a few source and destination ports.
There are two versions of port control:
1. TCP and UDP extensions
2. The multiport module
Both versions can be used to control the ports. There are a few significant differences, however. The TCP and UDP extensions allow control over just one single port or one range of ports per rule; separate source and destination port ranges may be specified.
The multiport module allows up to 15 different ports to be specified for a rule, in any order. In contrast to the TCP/UDP extensions, however, only source ports or destination ports may be specified, never both. Ranges of ports are not allowed in this module either.
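An added example, not code from the SuSE manual, that turns the two port-control mechanisms above into a small POSIX shell helper: it prints the iptables match arguments for a port spec and rejects specs the multiport module cannot express (a range, more than 15 ports, a list in both directions). The function names, the spec formats and the sample rules are assumptions.

```shell
#!/bin/sh
# Constructed example (not from the SuSE manual): compose iptables port matches
# from a port spec and enforce the limits the text states. Assumed spec forms:
#   "22"           single port  -> tcp/udp extension (--dport 22)
#   "1024:65535"   port range   -> tcp/udp extension (--dport 1024:65535)
#   "80,443,8080"  port list    -> multiport module  (-m multiport --dports 80,443,8080)
# Nothing is applied to the kernel; the functions only print the argument string.

# count_ports SPEC: number of comma-separated entries in SPEC
count_ports() {
  old_ifs=$IFS; IFS=','; set -- $1; IFS=$old_ifs; echo $#
}

# port_match DIR SPEC: DIR is sport or dport. Prints the match arguments; returns 1
# when SPEC needs something multiport cannot do (a range, more than 15 ports).
port_match() {
  dir=$1; spec=$2
  case $spec in
    *,*)                                # list -> multiport module
      case $spec in *:*) echo "multiport accepts no port ranges: $spec" >&2; return 1 ;; esac
      [ "$(count_ports "$spec")" -le 15 ] ||
        { echo "multiport accepts at most 15 ports: $spec" >&2; return 1; }
      echo "-m multiport --${dir}s $spec" ;;
    *)                                  # single port or a:b range -> tcp/udp extension
      echo "--$dir $spec" ;;
  esac
}

# build_rule CHAIN PROTO SPORT DPORT TARGET: an empty SPORT or DPORT means "any port".
# A port list in both directions is rejected: multiport matches only one direction.
build_rule() {
  chain=$1; proto=$(printf '%s' "$2" | tr 'A-Z' 'a-z'); sport=$3; dport=$4; target=$5
  case $proto in
    tcp|udp) ;;
    *) echo "port matches require tcp or udp, got '$2'" >&2; return 1 ;;
  esac
  case $sport in *,*) case $dport in *,*)
    echo "multiport cannot match source and destination ports together" >&2; return 1 ;;
  esac ;; esac
  args="-A $chain -p $proto"
  [ -z "$sport" ] || args="$args $(port_match sport "$sport")" || return 1
  [ -z "$dport" ] || args="$args $(port_match dport "$dport")" || return 1
  echo "$args -j $target"
}

# Sample use: SSH via the tcp extension, the web ports via multiport.
build_rule INPUT tcp "" 22 ACCEPT
build_rule INPUT tcp "" 80,443 ACCEPT
```

Prefix the printed string with the iptables binary (as root) to apply it; the helper deliberately stops short of that.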
SuSE Linux Firewall on CD2