[rhn-users] iptables question
John Hall
JohnH at snetworking.com
Fri Feb 25 01:30:02 UTC 2005
We want to restrict ssh access to ip addresses 1.1.1.1 and 2.2.2.2
We think the iptables commands to do this are:
iptables -A INPUT -s 1.1.1.1 -p tcp --dport ssh -j ACCEPT
iptables -A INPUT -s 2.2.2.2 -p tcp --dport ssh -j ACCEPT
So we entered the above.
Now how to we prevent any other ip address from using ssh?
We think the iptables command would be
iptables -A INPUT --dport ssh -j DROP
But since we already entered the first two rules in, how do we place the
3rd rule in after rules 1 and 2 so that we don't accidentally block all
remote access to ssh?
Any suggestions would be helpful.
Thanks,
John (iptables newbie)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhn-users/attachments/20050224/f930bc08/attachment.htm>
More information about the rhn-users
mailing list