iptables
Chiu, PCM (Peter)
P.C.M.Chiu at rl.ac.uk
Fri Sep 15 12:30:53 UTC 2006
I would suggest
iptables -F
iptables -A INPUT -s x.y.z.211/32 -j ACCEPT
iptables -A INPUT -s x.y.z.212/32 -j ACCEPT
....
iptables -A INPUT -s ! x.y.z.219/32 -j DROP
You may also need to include your own default router and dns server to
the accept list,
otherwise you won't get out.
Peter
-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com] On Behalf Of Patrick Derwael
Sent: 15 September 2006 13:09
To: redhat-list at redhat.com
Subject: iptables
Hi list,
I need some help with iptables. I'm trying to block every access to one
RHEL4 box (x.y.z.218), except from 9 IPs (x.y.z.211-219).
Every port from the allowed range should reach x.y.z.218
I've setup the following rules:
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -s x.y.z.211 -j ACCEPT ...
iptables -A INPUT -s x.y.z.219 -j ACCEPT
With those rules, just everything is dropped, even connections coming
from the authorized range.
What am I doing wrong here ??
--
Web and Co
Patrick Derwael
Rue Hubert Larock, 20
4280 Hannut
email: pderwael at webandco.be
http://www.webandco.be
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list