Restrict access to a particular server.

Rohit khaladkar rohit.khaladkar at gmail.com
Mon Oct 20 10:21:41 UTC 2008


Great! This helps!! Thanks a lot!!
Rohit

On Mon, Oct 20, 2008 at 3:45 PM, Stephen Gilbert <linuxelf at gmail.com> wrote:

> You can either set your default policy to drop
>
> iptables -P INPUT DROP
>
> This would drop all packets from all servers by default.  Then the
>
> iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT
>
> would accept only packets from machine_A into Oracle.
>
> You may want to add a few more ports, such as 22 for ssh access.
>
> Alternately, you could add
>
> iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT
> iptables -A INPUT -p tcp --dport 1521 -j DROP
>
> Basically, this says machine A can hit 1521, but anyone else that
> tries, just drop the packet.
>
> Rohit khaladkar wrote:
> > Thanks Geoff!! This would definitely help. So can there cannot be a master
> > rule on the  which would prevent all IP addresses except one (machine A)?
> > Thanks!
> > Rohit
> >
> > On Mon, Oct 20, 2008 at 2:07 PM, Geofrey Rainey
> > <Geofrey.Rainey at tvnz.co.nz> wrote:
> >
> >
> >> You want something like this:
> >>
> >> iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT
> >>
> >> This rule means allow access to port 1521 from IP machine_A.
> >> Of course this rule alone will not prevent all-and-sundry from
> >> connecting to the server on any port, so you'll need to add
> >> many more rules to secure your server.
> >>
> >> Regards,
> >> Geoff.
> >>
> >> -----Original Message-----
> >> From: redhat-list-bounces at redhat.com
> >> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Rohit khaladkar
> >> Sent: Monday, 20 October 2008 8:10 p.m.
> >> To: General Red Hat Linux discussion list
> >> Subject: Restrict access to a particular server.
> >>
> >> Hi All, I have two machines with Red Hat Linux 5.2 installed, of which one
> >> is a database server running Oracle 10.0.4 on it. I need an iptables rule
> >> which would make sure that only the other machine would have access to
> >> it.
> >>
> >> For e.g.: If I have two machines, machine A and machine B, of which
> >> machine B is a database server, can I set up an iptables rule on machine B,
> >> which would allow access to the database only by machine A?
> >>
> >> Please help.
> >>
> >> Thanks!
> >> Rohit Khaladkar
> >> --
> >> redhat-list mailing list
> >> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
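
Added example, not part of the original thread: a small first-match evaluator that parses the exact rule lines quoted above and compares the two variants suggested in the replies, plus a reversed ordering of the second one. The addresses 192.0.2.10 (standing in for machine_A) and 198.51.100.7 (any other host) are constructed, and the model is an assumption-level simplification: INPUT chain only, stateless, and only the -s, -p, --dport and -j options.

```python
import ipaddress
import shlex

MACHINE_A = "192.0.2.10"   # constructed address standing in for machine_A
OTHER = "198.51.100.7"     # constructed address for any other host
POLICY_DROP = f"""
iptables -P INPUT DROP
iptables -A INPUT -s {MACHINE_A} -p tcp --dport 1521 -j ACCEPT
"""
PORT_ONLY = f"""
iptables -A INPUT -s {MACHINE_A} -p tcp --dport 1521 -j ACCEPT
iptables -A INPUT -p tcp --dport 1521 -j DROP
"""
REVERSED = f"""
iptables -A INPUT -p tcp --dport 1521 -j DROP
iptables -A INPUT -s {MACHINE_A} -p tcp --dport 1521 -j ACCEPT
"""

def parse_rules(text):
    """Return (policy, rules) for the INPUT chain from iptables command lines."""
    policy, rules = "ACCEPT", []              # built-in chains start as ACCEPT
    for line in text.strip().splitlines():
        tok = shlex.split(line)
        if tok[:3] == ["iptables", "-P", "INPUT"]:
            policy = tok[3]
        elif tok[:3] == ["iptables", "-A", "INPUT"]:
            opts = dict(zip(tok[3::2], tok[4::2]))   # option/value pairs
            rules.append({
                "src": ipaddress.ip_network(opts.get("-s", "0.0.0.0/0")),
                "proto": opts.get("-p"),
                "dport": int(opts["--dport"]) if "--dport" in opts else None,
                "target": opts["-j"],
            })
    return policy, rules

def verdict(ruleset, src, dport, proto="tcp"):
    """First matching rule decides; if none matches, the chain policy applies."""
    policy, rules = parse_rules(ruleset)
    for r in rules:
        if (ipaddress.ip_address(src) in r["src"]
                and r["proto"] in (None, proto)
                and r["dport"] in (None, dport)):
            return r["target"]
    return policy

if __name__ == "__main__":
    sets = [("policy DROP", POLICY_DROP), ("port only", PORT_ONLY), ("reversed", REVERSED)]
    for name, rs in sets:
        for src, port in [(MACHINE_A, 1521), (OTHER, 1521), (OTHER, 22)]:
            print(f"{name:12} {src:>13}:{port:<5} -> {verdict(rs, src, port)}")
```

With the default-DROP variant, port 22 is dropped even for machine_A until an ssh rule is added, while the port-only variant leaves every port other than 1521 at the chain's ACCEPT policy.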


