<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=ProgId content=Word.Document>
<meta name=Generator content="Microsoft Word 10">
<meta name=Originator content="Microsoft Word 10">
<link rel=File-List href="cid:filelist.xml@01C3E1D5.25CB7400">
<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:DoNotRelyOnCSS/>
</o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:GrammarState>Clean</w:GrammarState>
<w:DocumentKind>DocumentEmail</w:DocumentKind>
<w:HyphenationZone>21</w:HyphenationZone>
<w:EnvelopeVis/>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:UseFELayout/>
</w:Compatibility>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
</w:WordDocument>
</xml><![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;
mso-font-alt:SimSun;
mso-font-charset:134;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:3 135135232 16 0 262145 0;}
@font-face
{font-family:Fixedsys;
panose-1:0 0 0 0 0 0 0 0 0 0;
mso-font-charset:238;
mso-generic-font-family:swiss;
mso-font-format:other;
mso-font-pitch:auto;
mso-font-signature:5 0 0 0 2 0;}
@font-face
{font-family:"\@SimSun";
panose-1:2 1 6 0 3 1 1 1 1 1;
mso-font-charset:134;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:3 135135232 16 0 262145 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-fareast-font-family:SimSun;
mso-ansi-language:SK;}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;
text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;
text-underline:single;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:9.0pt;
font-family:Fixedsys;
mso-fareast-font-family:SimSun;
mso-bidi-font-family:"Times New Roman";
mso-ansi-language:SK;}
@page Section1
{size:595.3pt 841.9pt;
margin:70.85pt 126.65pt 70.85pt 126.65pt;
mso-header-margin:35.4pt;
mso-footer-margin:35.4pt;
mso-paper-source:0;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Norm\00E1lna tabu\013Eka";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin:0cm;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";}
</style>
<![endif]-->
</head>
<body lang=CS link=blue vlink=purple style='tab-interval:35.4pt'>
<div class=Section1>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Ahoj.<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Podla toho co si napisal ti staci dat na input dve
pravidla pravidla...<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT <span style='mso-spacerun:yes'> </span>-d
$IP_STROJA -m state --state ESTABLISHED,RELATED -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT <span style='mso-spacerun:yes'> </span>-d
$IP_STROJA -s 10.206.4.0/24 -p tcp --dport 80 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>A hlavne musis povolit loopback...<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -i lo -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Mozno by si mal napisat viac info....<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Snad to helfne...<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Zdravim,<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Mam apache server+php+mysql, potrebujem aby po
registracii z tohoto<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>servera odisla hlaska cez utlitku sendEmail.Tato utilita
posle email<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>cez externy smtp server.Nepotrebujem mat teda
nainstalovany vlastny.<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Problem je ale v tom,ze ked som nasadil pravidla pre
firewall, napriek<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>tomu, ze je port 25 obojsmerne otvoreny, email zo
strany servera<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>neprejde.Mozno som urobil chybu pri vytvarani
pravidiel, moze mi<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>niekto helfnut?<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Mam MDK 9.2, iptables v1.2.8<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>*filter<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-F INPUT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-F OUTPUT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-F FORWARD<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-P INPUT DROP<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-P OUTPUT DROP<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-P FORWARD DROP<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-N web_seg<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p TCP -i eth0 -j web_seg<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A web_seg -p TCP --dport 80 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A web_seg -p TCP -s 10.206.4.0/24 --dport ssh -j
ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A web_seg -p TCP -s 10.206.4.0/24 --dport mysql -j
ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A web_seg -p TCP --dport smtp -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A web_seg -p tcp --dport ftp -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-N udp_seg<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p UDP -i eth0 -j udp_seg<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A udp_seg -p UDP --dport 53 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p ICMP -i eth0 --icmp-type 0 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p ICMP -i eth0 --icmp-type 3 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p ICMP -i eth0 --icmp-type 8 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p ICMP -i eth0 --icmp-type 11 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p TCP -j LOG --log-level warn<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>#utok syn flood<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p TCP --syn -m limit --limit 1/s -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'># skenovanie portov<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A INPUT -p TCP --tcp-flags SYN,ACK,FIN,RST RST -m
limit --limit 1/s<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'># poziadavky smerom von<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A OUTPUT -p ALL -s 127.0.0.1 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A OUTPUT -p ALL -s 10.206.4.187 -j ACCEPT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>-A OUTPUT -j LOG --log-level warn<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>COMMIT<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>vdaka<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>miso<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>_______________________________________________<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>http://lists.linux.sk/listinfo/linux<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Prehladavanie archivu: http://search.lists.linux.sk<o:p></o:p></span></font></p>
<p class=MsoPlainText><font size=1 face=Fixedsys><span lang=SK
style='font-size:9.0pt'>Meta FAQ: http://faq.lists.linux.sk<o:p></o:p></span></font></p>
</div>
</body>
</html>