[WBEL-users] iptables port 50 and 51
Johnny Hughes
mailing-lists@hughesjr.com
Thu, 29 Jul 2004 02:29:29 -0500
On Wed, 2004-07-28 at 22:16, Michael Brennen wrote:
> Those are rules for protocols 50 and 51. VPN appliances are the
> only time I have ever seen those protocols used. If you won't be
> implementing a VPN I suspect you should be able to remove those
> without harm.
>
I also only know of these being required for VPN....
I did some research on the web and it looks like port 50 is for ESP
encryption / authentication (
http://www.networksorcery.com/enp/protocol/esp.htm ) ... port 51 is for
AH ( http://www.networksorcery.com/enp/protocol/ah.htm ). Both are
integral to IPSec. I don't know why they are open in the default
rules...and don't have them open on my firewall script.
>
> > -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
> > -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
> > Why are these ports open by default and what will I
> > lose if I killed those rules?
Take a look here for a very good firewall script:
RC.FIREWALL-2.4.X-STRONGER ( http://ldp.hughesjr.com/HOWTO/IP-Masquerade-HOWTO/stronger-firewall-examples.html )
Johnny Hughes
HughesJR.com
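The two rules quoted in this thread match on the IP protocol field (`-p 50` for ESP, `-p 51` for AH), which is a different match from a TCP/UDP port such as `--dport 50`. As an added example (not part of the original message or of the firewall script it links to), the shell function below audits rules in `iptables-save` format and lists every ACCEPT rule that admits ESP or AH, so you can see what removing them would affect. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: list ACCEPT rules that admit IPsec traffic by IP protocol
# (ESP = protocol 50, AH = protocol 51) in iptables-save style input.
# find_ipsec_rules, sample_rules and the ruleset below are constructed.

find_ipsec_rules() {
    # Reads rules on stdin; prints "<line-no> <ESP|AH> <chain>" per hit.
    awk '
    $1 == "-A" {
        proto = ""; target = ""
        for (i = 3; i <= NF; i++) {
            # -p/--protocol takes an IP protocol number or name,
            # unlike --dport/--sport, which take a TCP/UDP port.
            if (($i == "-p" || $i == "--protocol") && i < NF) proto = tolower($(i + 1))
            if (($i == "-j" || $i == "--jump") && i < NF) target = $(i + 1)
        }
        if (target != "ACCEPT") next
        # ipv6-crypt / ipv6-auth: names older /etc/protocols files use for 50 / 51.
        if (proto == "50" || proto == "esp" || proto == "ipv6-crypt") print NR, "ESP", $2
        else if (proto == "51" || proto == "ah" || proto == "ipv6-auth") print NR, "AH", $2
    }'
}

# Constructed sample: the two rules from the thread, plus a UDP *port* 50
# rule and a DROP rule that must not be reported.
sample_rules() {
    cat <<'EOF'
*filter
:RH-Firewall-1-INPUT - [0:0]
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j DROP
COMMIT
EOF
}

sample_rules | find_ipsec_rules
```

On a live host, feed it the running ruleset with `iptables-save | find_ipsec_rules`; the reported line numbers then refer to lines of that output.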