How to create a complex rule with system-config-securitylevel?
Alexander Dalloz
ad+lists at uni-x.org
Thu Dec 2 01:22:03 UTC 2004
Am Do, den 02.12.2004 schrieb Vinicius um 1:59:
> how to create a complex rule with system-config-securitylevel, please?
Didn't I already answer you to the same question a couple of days ago,
that this is not possible? This is a very basic tool
> For example, I would like to enable a range of public IP's to access a
> specified port and block the rest.
www.netfilter.org
and please learn the syntax of iptables.
iptables -A INPUT -i eth0 -s 123.123.123.0/24 --dport 1234 -j ACCEPT
iptables -A INPUT -i eth0 -s 0/0 --dport 1234 -j REJECT --reject-with
icmp-port-unreachable
This would for instance allow the subnet 123.123.123.0 to
123.123.123.255 to connect on port 1234 which comes in through ethernet
device eth0. All other incoming connections through eth0 on port 1234
are rejected.
> TIA, Vinicius.
Alexander
--
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.9-1.6_FC2smp
Serendipity 02:21:51 up 11 days, 21:09, load average: 0.10, 0.28, 0.43
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041202/01744cf3/attachment-0001.sig>
More information about the fedora-list
mailing list