
This is an interesting solution and I wouldn't mind using one of my existing servers as a gateway or proxy (?).

Is there a way to be selective about what ports are exposed from the host to the target? The target could handle it but fine-grained control is nice.



You could just set a default deny iptables policy for forwarding to that host, and then explicitly open the ports you want.


iptables is legacy now and if you're not already well-versed in it, better go straight to nftables (which should be easier to get started with anyway). On modern systems, iptables commands are translated to nftables equivalents by a transitional package.
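
The default-deny forwarding approach suggested above, written as an nftables ruleset; this is an added example, not part of any comment in the thread. The target address (10.0.0.2), the interface names (eth0, wg0) and the exposed ports are assumptions chosen for illustration.

```nftables
#!/usr/sbin/nft -f
# Added example: default-deny forwarding on the gateway, with only the
# listed ports allowed through to the target host.
# Constructed values (assumptions, not from the thread):
define target = 10.0.0.2   # host behind the gateway
define wan_if = "eth0"     # gateway's public interface
define tun_if = "wg0"      # interface leading to the target

# Create-then-delete makes reloading this file idempotent.
table inet gateway_filter
delete table inet gateway_filter

table inet gateway_filter {
    # Ports exposed to the target; editing these sets is the only
    # change needed to open or close a service.
    set exposed_tcp {
        type inet_service
        elements = { 443 }
    }
    set exposed_udp {
        type inet_service
        elements = { 51820 }
    }

    chain forward {
        # Anything not explicitly accepted below is dropped.
        type filter hook forward priority 0; policy drop;

        # Replies for connections that were already allowed.
        ct state established,related accept
        ct state invalid drop

        # New inbound connections: only the listed ports, only to the target.
        # If the gateway uses DNAT, this hook sees the address after
        # translation, so matching on the target's own address is correct.
        iifname $wan_if oifname $tun_if ip daddr $target tcp dport @exposed_tcp ct state new accept
        iifname $wan_if oifname $tun_if ip daddr $target udp dport @exposed_udp ct state new accept

        # Connections the target itself initiates outward.
        iifname $tun_if oifname $wan_if ip saddr $target ct state new accept

        # Rate-limited log of what the default policy is about to drop.
        limit rate 5/minute counter log prefix "fwd-drop: "
    }
}
```

Load it with `nft -f <file>` and inspect the result with `nft list table inet gateway_filter`.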



