[Linux-cluster] exact iptables command to stop a source from accessing a Linux cluster

Ian Hayes cthulhucalling at gmail.com
Fri Sep 18 03:38:25 UTC 2009


[root@cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             anywhere
2    DROP       all  --  10.5.5.6             anywhere
3    DROP       all  --  10.5.5.7             anywhere

Find the rule number that matches the one you want to delete. Say you want
to delete #2 from the INPUT table.

[root@cthulhu ~]# iptables -D INPUT 2
[root@cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             anywhere
2    DROP       all  --  10.5.5.7             anywhere


Or you can do iptables -F which will basically drop all your iptables. Make
sure you've saved recently before you do that.

On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <sunhux at gmail.com> wrote:

> Thanks Ian.
>
> So I issue this command on both cluster nodes and it will also
> stop access to the virtual cluster address?
>
> What's the command to reverse / remove
> " iptables -A INPUT -s 10.5.5.25 -j DROP " ?
> Just in case there's a problem, I'll need to reverse.
>
> Tks
> U
> On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes <cthulhucalling at gmail.com> wrote:
>
>> iptables -A INPUT -s 10.5.5.25 -j DROP
>>
>>   On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux at gmail.com> wrote:
>>
>>>
>>>  Hi,
>>>
>>> I have a RHEL 5.1  cluster that's constantly being accessed by an
>>> application from a Windows server application via sqlnet (ie Tcp
>>> port 1521) which caused a specific Oracle accounts to be locked.
>>>
>>> The owner of the Windows box does not know why the Filenet
>>> application is doing this so while she's doing the research which
>>> configuration in Filenet needs to be fixed to stop this, we need an
>>> interim measure to block this Windows server's access to the cluster.
>>>
>>> Thus I would like to set up iptables / firewall on this Linux box to
>>> stop the sqlnet access.  Can someone provide me some example
>>> commands / syntax ?
>>>
>>> Source IP address : 10.5.5.25   (Windows server)
>>> Tcp port : 1521
>>> My Linux boxes IP address :  10.5.5.46 / .47
>>> My Linux cluster virtual addr : 10.5.5.45
>>>
>>> In fact I would like to block on all ports on the Linux cluster to stop
>>> this Windows server from accessing it.  So what's the exact commands
>>> I should issue on each of the Linux box?  Would iptables also block
>>> the Windows server from accessing the cluster virtual IP addr?
>>>
>>>
>>> Thanks
>>> U
>>>
>>>
>>>
>>>
>>> --
>>> Linux-cluster mailing list
>>> Linux-cluster at redhat.com
>>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>>
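The listings in the message above show rule 3 becoming rule 2 after `iptables -D INPUT 2`, which matters when several rules for one source are removed by number. The shell script below is an added example, not part of the original thread: it picks the DROP rules for one source out of an `iptables -L INPUT -n --line-numbers` listing and prints the delete commands highest number first. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: find the INPUT rule numbers that DROP a given source and
# print the matching delete commands. Names and sample data are constructed.

# sample_listing: constructed listing in the same column layout as the thread's
# output (-n keeps addresses numeric instead of "anywhere").
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             0.0.0.0/0
2    DROP       all  --  10.5.5.25            0.0.0.0/0
3    ACCEPT     tcp  --  10.5.5.25            0.0.0.0/0   tcp dpt:22
4    DROP       all  --  10.5.5.7             0.0.0.0/0
5    DROP       all  --  10.5.5.25            0.0.0.0/0
EOF
}

# drop_rule_numbers SRC: read a listing on stdin and print the numbers of rules
# whose target is DROP and whose source column is exactly SRC (an exact match,
# so 10.5.5.5 or 10.5.5.2 is never confused with 10.5.5.25).
drop_rule_numbers() {
    awk -v src="$1" '$1 ~ /^[0-9]+$/ && $2 == "DROP" && $5 == src { print $1 }'
}

# delete_commands CHAIN SRC: read a listing on stdin and print one
# `iptables -D` per matching rule, highest number first, so the renumbering
# after each delete never shifts a rule that is still to be removed.
delete_commands() {
    drop_rule_numbers "$2" | sort -rn | while read -r n; do
        echo "iptables -D $1 $n"
    done
}

# Dry run against the constructed listing. On a live host, as root:
#   iptables -L INPUT -n --line-numbers | delete_commands INPUT 10.5.5.25
# A single rule can also be removed by repeating its specification with -D in
# place of -A, which does not depend on numbering:
#   iptables -D INPUT -s 10.5.5.25 -j DROP
sample_listing | delete_commands INPUT 10.5.5.25
```

The script only prints the commands; review them against a fresh listing before running them.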