Centos – Firewall rules for outgoing RSH connections

Tags: centos, firewall, remote-access

I have a CentOS 6 server that needs rsh access to one of our old legacy servers which does not support ssh.

RSH connects to port 514 on the remote servers, which then creates another connection back to the client on a port between 512-1023. My current firewall skill level is "port open/port closed" and opening up all of them wouldn't leave much of a firewall. What's the most restrictive way to allow outgoing RSH connections?

Best Answer

I'd restrict the incoming from the range of servers using iptables -A INPUT --src {IP address or range}/{netmask} -m state --state NEW -m tcp -p tcp --dport 514:1023 -j ACCEPT.

You can then restrict the incoming port ranges to the right servers

Unless you need to restrict outgoing data from a specific server I would not worry about setting up outbound rules.

I use webmin to set up my basic rules, then I copy them manually (it's faster and it saves me from looking up all the information I don't use regularly). Webmin supports all sorts of rules: inbound, outbound and mangle. You can set webmin up on a test box, then edit, then write the rules and copy them to the proper server.
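As an added example (not part of the question or the accepted answer), the script below generates the narrowest iptables rule set the rsh protocol allows on a CentOS 6 client: the client opens both its sockets from privileged ports (512-1023), connects to rshd on tcp/514, and rshd connects back from a privileged port to the client's second privileged port. So instead of opening 514:1023 inbound from a range, both the source and destination port can be pinned to 512:1023 and the source to the one legacy host. The legacy address 192.0.2.10 is a constructed placeholder, and the rules are printed rather than applied so they can be reviewed before being pasted into /etc/sysconfig/iptables.

```shell
#!/bin/sh
# Added example: emit the minimal iptables rules for an rsh client on CentOS 6
# (iptables 1.4 syntax, -m state) that talks to exactly one legacy host.
# LEGACY_HOST is an assumed placeholder (RFC 5737 documentation address).

LEGACY_HOST="${LEGACY_HOST:-192.0.2.10}"

# Print the rules instead of running them, so nothing changes on the box
# until an admin has read the output.
rsh_client_rules() {
  host="$1"

  # 1. Outbound control channel: rsh binds a privileged source port
  #    (512-1023) and connects to rshd on tcp/514 on the legacy host only.
  echo "iptables -A OUTPUT -d $host -p tcp --sport 512:1023 --dport 514 -m state --state NEW -j ACCEPT"

  # 2. Inbound stderr channel: rshd on the legacy host connects back from a
  #    privileged port to the second privileged port the client opened.
  #    Pinning both ends to 512:1023 and the source to $host is as tight as
  #    the protocol permits; there is no need to open tcp/514 inbound.
  echo "iptables -A INPUT -s $host -p tcp --sport 512:1023 --dport 512:1023 -m state --state NEW -j ACCEPT"

  # 3. Return traffic for connections accepted above (the stock CentOS 6
  #    ruleset already has the INPUT half; OUTPUT is usually unfiltered).
  echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
  echo "iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Defensive check: report how many emitted rules accept NEW connections
# without restricting them to a single source or destination host. Zero is
# the expected answer for this rule set.
count_unscoped_new_rules() {
  rsh_client_rules "$1" | grep -- '--state NEW' | grep -v -e ' -s ' -e ' -d ' | grep -c 'iptables' || true
}

rsh_client_rules "$LEGACY_HOST"
```

Run it as a normal user to review the output; only the resulting rules need root. Anything the legacy host tries on ports outside 512:1023, or any other host trying the rsh back-connection, still hits the default policy.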