iptables rules for botnet

^CJ^ · Post by **^CJ^** » Tue Sep 13, 2005 5:17 am

Hi,

I'm running eggdrop behind an iptables firewall which is kind of restrictive. Because of that, I can't run my eggdrop as a botnet hub as incoming connections from the highportrange are dropped which means userfiles cant be received. Can anyone suggest some good rules to make it work without being too unsecure? I found an eggdrop-conntrack in the patch-o-matic but it requires a 2.6 kernel which i dont have.

thanks!

demond · Post by **demond** » Tue Sep 13, 2005 2:35 pm

Code: Select all

/usr/sbin/iptables -A INPUT -s 0/0 -p TCP --dport 10000:10020 -j ACCEPT

will allow inbound TCP connections from anywhere on your reserved-portrange 10000:10020

^CJ^ · Post by **^CJ^** » Tue Sep 13, 2005 4:37 pm

ok i know how to do that but how do i teach my eggdrop to use those specific ports for userfile exchange?

De Kus · Post by **De Kus** » Tue Sep 13, 2005 4:48 pm

# If you want all dcc file transfers to use a particular portrange either
# because you're behind a firewall, or for other security reasons, set it
# here.
#set reserved-portrange 2010:2020

reading rulez

so when opening 10000-10020, you could use 10000 for users, 10001 for bots and 10002-10020 for dcc.

^CJ^ · Post by **^CJ^** » Wed Sep 14, 2005 6:06 am

De Kus wrote:reading rulez

it indeed does

thank you!