Re: IPTABLES

Jonathan Morrison · ‎04-04-2010

Could anyone point me to a good IPTABLES protocol to reject all incoming traffic except for a single IP or IP range?

Thanks,

Jonathan.

Steven E. Protter · ‎04-04-2010

Shalom Jonathan,

Here is a good tutorial.
http://www.cyberciti.biz/tips/linux-iptables-how-to-specify-a-range-of-ip-addresses-or-ports.html

SEO

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Jonathan Morrison · ‎04-04-2010

Thanks for the link, I have read the tutorial but I thought there was more to it than simply running something like:

iptables -A INPUT -p tcp --destination-port 22 -m iprange --src-range 192.168.1.100-192.168.1.200 -j ACCEPT

At the command prompt. Is there no 'DROP everything else' also nededed?

Ta,

Jon.

J. Maestre · ‎04-05-2010

Before setting up specific rules you should configure a default rule for each chain (it might be set already, check with "iptables -L INPUT").

To set a default DROP rule for INPUT:

iptables -P INPUT DROP

loco_vikide · ‎04-05-2010

You might want to do something similar to this:

:INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 22 -s 192.168.0.0/24 -j ACCEPT
-A INPUT -p tcp -m state --state ESTABLISHED,RELATED --dport 22 -s 192.168.0.0/24 -j ACCEPT

You could substitute the range of IPs with a specific IP address.

Cheers

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: IPTABLES

IPTABLES

Re: IPTABLES

Re: IPTABLES

Re: IPTABLES

Re: IPTABLES