Need to block port 1521 for all machines except one.

Barry Brimer lists at brimer.org
Tue Mar 31 11:51:25 UTC 2009


> Hi All, As a security measure, I need to block port 1521 on the database
> server, which is used by Oracle for all machines, except one. I tried using
> the following commands to block the port, but for some reason it is not
> working. Can someone please help me.
>
>
> iptables -A INPUT -s $1 -p tcp --dport 1521 -j ACCEPT
> iptables -A INPUT -p tcp --dport 1521 -j DROP
>
> where $1 is the machine name or ip address of the machine which needs access
> to the port.

I can't help but notice that you are using -A to append rules at the end 
of your existing INPUT chain.  Are there other firewall rules above these 
rules that would be accepting the traffic before these rules are even hit?
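
The ordering check suggested in the reply above, as an added example that is not part of the original thread: it reads `iptables-save -t filter` text and reports the first INPUT rule that can decide tcp/1521 traffic before the DROP rule is reached. The sample ruleset and the address 192.0.2.10 are constructed, and the matching is a heuristic that inspects only -p, --dport, -s, -i and -j.

```shell
#!/bin/sh
# Added example (not from the thread). Usage on a live host:
#   iptables-save -t filter | first_shadowing_rule
PORT=1521

first_shadowing_rule() {
    awk -v port="$PORT" '
    $1 != "-A" || $2 != "INPUT" { next }       # skip headers and other chains
    {
        n++                                     # rule position within INPUT
        proto = dport = src = iface = target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i+1)
            else if ($i == "--dport") dport = $(i+1)
            else if ($i == "-s") src = $(i+1)
            else if ($i == "-i") iface = $(i+1)
            else if ($i == "-j") target = $(i+1)
        }
        if (dport == port && target == "DROP") exit   # reached the block rule
        if (proto != "" && proto != "tcp") next       # other protocol
        if (dport != "" && dport != port) next        # other port
        if (src != "" || iface == "lo") next          # source/loopback limited
        if (target == "") next
        # ACCEPT, or a jump to a user-defined chain, may decide the packet first
        if (target !~ /^(DROP|REJECT|LOG|RETURN)$/) { print n ": " $0; exit }
    }'
}

# Constructed sample ruleset: the appended pair sits below a broad tcp ACCEPT.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -j ACCEPT
-A INPUT -s 192.0.2.10 -p tcp -m tcp --dport 1521 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1521 -j DROP
COMMIT
EOF
}

sample_rules | first_shadowing_rule
```

If a rule is reported at position n, placing the ACCEPT/DROP pair above it with `iptables -I INPUT n` instead of `-A` puts them where they are evaluated first.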



