This is a discussion on Opening a port (ipchains) within the Linux Security forums, part of the System Security and Security Related category.

I've got a computer that's using tcpd, ipchains, and portsentry. I want to open a non-privileged port at least to one specific host; all are set to restrictive settings. /etc/hosts.deny has ALL:ALL, ipchains was set up for high security, and portsentry is on advanced mode on both TCP and UDP.

What do I need to do so that a given privileged/nonprivileged port is open to some/all hosts?

++ Jonathan Hayward, jonathan.hayward@pobox.com
** To see an award-winning website with stories, essays, artwork,
** games, and a four-dimensional maze, why not visit my home page?
** All of this is waiting for you at http://JonathansCorner.com

Jonathan Hayward wrote:
> I've got a computer that's using tcpd, ipchains, and portsentry. I
> want to open a non-privileged port at least to one specific host; all
> are set to restrictive settings. /etc/hosts.deny has ALL:ALL, ipchains
> was set up for high security, and portsentry is on advanced mode on
> both TCP and UDP.
>
> What do I need to do so that a given privileged/nonprivileged port is
> open to some/all hosts?
>
> ++ Jonathan Hayward, jonathan.hayward@pobox.com
> ** To see an award-winning website with stories, essays, artwork,
> ** games, and a four-dimensional maze, why not visit my home page?
> ** All of this is waiting for you at http://JonathansCorner.com

Try:

    ipchains -A input -i eth1 -s 192.168.1.0/24 -j ACCEPT
    ipchains -A output -i eth1 -d 192.168.1.0/24 -j ACCEPT

or

    # HTTP server (80)
    # ----------------
    # Inbound: clients on unprivileged ports to the server's port 80
    ipchains -A input -i eth0 -p tcp \
        --source-port 1024:65535 \
        -d 192.168.1.1 80 -j ACCEPT

    # Outbound: replies only (! -y excludes connection-opening SYN packets)
    ipchains -A output -i eth0 -p tcp ! -y \
        -s 192.168.1.1 80 \
        --destination-port 1024:65535 -j ACCEPT

Later
Dude
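
An added example, not part of the original thread: the reply's HTTP rule pair generalized to any TCP or UDP port and narrowed to a single client host or subnet, as the question asks. The helper name open_port and every address are illustrative assumptions; the function validates its arguments and only prints the commands.

```shell
#!/bin/sh
# Added example: prints (never runs) the ipchains rule pair that opens one
# server port to one client. Addresses used below are constructed samples.

valid_ip() {    # dotted quad, octets 0-255, optional /0-32 prefix
    addr=${1%%/*}
    case "$1" in
        */*) pfx=${1#*/}
             case "$pfx" in ""|*[!0-9]*) return 1 ;; esac
             [ "$pfx" -le 32 ] || return 1 ;;
    esac
    case "$addr" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

valid_port() {
    case "$1" in ""|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# open_port IFACE PROTO SERVER_IP PORT CLIENT  (hypothetical helper name)
open_port() {
    iface=$1 proto=$2 server=$3 port=$4 client=$5
    case "$iface" in ""|*[!A-Za-z0-9.:]*) echo "bad interface" >&2; return 1 ;; esac
    case "$proto" in
        tcp) reply='! -y ' ;;   # replies only: the server may not send a SYN
        udp) reply='' ;;        # -y is TCP-only, so UDP gets no such limit
        *)   echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    valid_ip "$server" && valid_ip "$client" || { echo "bad address" >&2; return 1; }
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    # Inbound: client's unprivileged source port to the service port.
    echo "ipchains -A input -i $iface -p $proto -s $client 1024:65535 -d $server $port -j ACCEPT"
    # Outbound: the matching replies from the service port back to the client.
    echo "ipchains -A output -i $iface -p $proto ${reply}-s $server $port -d $client 1024:65535 -j ACCEPT"
}

# Constructed sample: web server 192.168.1.1 reachable only from 192.168.1.50.
open_port eth0 tcp 192.168.1.1 80 192.168.1.50
```

Because ipchains stops at the first matching rule, rules appended with -A only take effect if no earlier rule in the chain already denies the packet. The ALL:ALL entry in /etc/hosts.deny and portsentry are separate layers that these rules do not change.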