iptables defaults set by system-config-securitylevel: why are ports 50 and 51 opened?
I initially used a utility called 'system-config-securitylevel' to set up a firewall that only allows incoming SSH connections.
I used 'iptables-save' to dump the chains. What the heck are 'esp' and 'ah' (I think they correspond to ports 50 and 51)?
Code:
# Generated by iptables-save v1.2.9 on Thu Sep 23 09:00:27 2004
Code:
Chain INPUT (policy ACCEPT)
partially answered my own question
Ok, I guess those two mystery chains are for ipv6-crypt and ipv6-auth, and the protocols(?) are nicknamed 'esp' and 'ah', and are 'ipv6-crypt' and 'ipv6-auth', respectively. More information on IPSEC.
I still don't understand this stuff, however. Anyone have a brief but useful summary on why I might want these two chains in my firewall?
Code:
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
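Added example, not part of the original posts: a small audit of an iptables-save dump showing that the value after `-p` is an IP protocol (50 is ESP and 51 is AH, the two IPsec protocols), not a TCP/UDP port. The sample dump is constructed apart from the `-p 50` rule quoted above, and the names `audit` and `opt` are hypothetical.

```python
import shlex

# IANA IP protocol numbers plus the /etc/protocols aliases named in the thread.
IP_PROTOCOLS = {"1": "icmp", "6": "tcp", "17": "udp", "50": "esp", "51": "ah",
                "ipv6-crypt": "esp", "ipv6-auth": "ah"}
PORT_PROTOCOLS = {"tcp", "udp"}  # the only protocols here that carry port numbers

# Constructed sample in iptables-save format; only the "-p 50" rule is from the page.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

def opt(tokens, *names):
    """Return the argument following the first matching option, or None."""
    for i, tok in enumerate(tokens[:-1]):
        if tok in names:
            return tokens[i + 1]
    return None

def audit(dump):
    """List (chain, protocol, port, note) for each ACCEPT rule that names a protocol."""
    findings = []
    for line in dump.splitlines():
        if not line.startswith("-A "):
            continue  # table names, chain policies, comments, COMMIT
        tokens = shlex.split(line)
        proto = opt(tokens, "-p", "--protocol")
        if proto is None or opt(tokens, "-j", "--jump") != "ACCEPT":
            continue
        name = IP_PROTOCOLS.get(proto.lower(), proto.lower())
        port = opt(tokens, "--dport", "--destination-port")
        if name not in PORT_PROTOCOLS:
            note = "whole IP protocol accepted; ports do not apply"
        else:
            note = "port-scoped" if port else "every port of this protocol"
        findings.append((tokens[1], name, port, note))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=" | ")
```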