LDAP (Lightweight Directory Access Protocol) is a powerful, enterprise-class directory service that by default listens on UDP port 389 for queries. The following iptables rules allow incoming client requests (they open UDP port 389) for the server IP address 202.54.1.20:
```sh
iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 389 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -s 202.54.1.20 --sport 389 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
```
Restricting access to the LDAP database server to your own network is essential. The following iptables rules allow incoming LDAP client requests from the 202.54.1.0/24 network only:
```sh
iptables -A INPUT -p udp -s 202.54.1.0/24 --sport 1024:65535 -d 202.54.1.20 --dport 389 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -s 202.54.1.20 --sport 389 -d 202.54.1.0/24 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
```
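The two rule pairs above differ only in the source network, and a rule set that is typed by hand tends to drift. As an added example (not part of the original post), the script below generates the restricted-network rules from two variables, so the server address and the trusted CIDR live in one place and the generated commands can be reviewed before they are piped to a root shell. It goes beyond the page in two ways, both of which are assumptions on my part rather than the author's: it emits the same pair for TCP 389, since LDAP clients normally bind over TCP, and it appends explicit DROP rules for port 389 so that LDAP traffic from outside the trusted network is rejected even if the chain's default policy is ACCEPT. The server IP and network are the values from the page.

```shell
#!/bin/sh
# Added example, not code from the original post: build iptables rules that
# admit LDAP (port 389) clients only from a trusted network.
# Assumptions: TCP rules and trailing DROP rules are an extension beyond the
# page's UDP-only rules; values below are taken from the page.

LDAP_SERVER="202.54.1.20"     # directory server IP (from the page)
TRUSTED_NET="202.54.1.0/24"   # clients allowed to query it (from the page)
LDAP_PORT=389

# Print the INPUT rule admitting new and established requests of protocol $1
# from source $2 to the LDAP port on the server.
ldap_input_rule() {
    proto="$1"; src="$2"
    printf 'iptables -A INPUT -p %s -s %s --sport 1024:65535 -d %s --dport %s -m state --state NEW,ESTABLISHED -j ACCEPT\n' \
        "$proto" "$src" "$LDAP_SERVER" "$LDAP_PORT"
}

# Print the OUTPUT rule admitting replies of protocol $1 from the server's
# LDAP port back to destination $2 (ESTABLISHED only: the server never initiates).
ldap_output_rule() {
    proto="$1"; dst="$2"
    printf 'iptables -A OUTPUT -p %s -s %s --sport %s -d %s --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT\n' \
        "$proto" "$LDAP_SERVER" "$LDAP_PORT" "$dst"
}

# Emit the complete rule set: trusted network over UDP and TCP, then a DROP
# for LDAP from any other source so the restriction does not depend on the
# INPUT chain's default policy.
ldap_ruleset() {
    for proto in udp tcp; do
        ldap_input_rule "$proto" "$TRUSTED_NET"
        ldap_output_rule "$proto" "$TRUSTED_NET"
    done
    for proto in udp tcp; do
        printf 'iptables -A INPUT -p %s -d %s --dport %s -j DROP\n' \
            "$proto" "$LDAP_SERVER" "$LDAP_PORT"
    done
}

# Number of rules the set will add; a quick sanity check before applying.
ldap_rule_count() {
    ldap_ruleset | wc -l | tr -d ' '
}

# Review the output first; apply as root with:  ldap_ruleset | sh
ldap_ruleset
```

Order matters: the ACCEPT rules must precede the DROP rules in the INPUT chain, and because every rule here is appended with `-A`, the script should be run against a chain that does not already contain an earlier, broader ACCEPT for port 389.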