how would I write this complex ip tables rule
Carlos Lopez
carloslopez at optusnet.com.au
Sat Jan 10 23:37:49 UTC 2004
This should work (remember, iptables goes through all the filters/rules
one at a time, so once it's caught on one it doesn't go further down the
list - in this case, just make sure that you allow access to joe. and
mary. in rules ABOVE the rule denying access to the rest of idiot.com)
...
iptables -A INPUT -s joe.idiot.com -m tcp -p tcp -tcp http -m state
--state NEW -j ACCEPT
iptables -A INPUT -s mary.idiot.com -m tcp -p tcp -tcp http -m state
--state NEW -j ACCEPT
iptables -A INPUT -s idiot.com -m tcp -p tcp -tcp http -m state --state
NEW -j DROP
c.
Technical wrote:
> i want any to access my web server;
> i want no one from idiot.com except joe.idiot.com and mary.idiot to access
> my web server... thanks
>
>
More information about the fedora-list
mailing list