[rhn-users] iptables question
Daniel Wittenberg
daniel-wittenberg at starken.com
Fri Feb 25 05:57:23 UTC 2005
Check out the example scripts:
http://iptables-tutorial.frozentux.net/
Dan
On Thu, 2005-02-24 at 17:30 -0800, John Hall wrote:
> We want to restrict ssh access to ip addresses 1.1.1.1 and 2.2.2.2
>
> We think the iptables commands to do this are:
>
> iptables -A INPUT -s 1.1.1.1 -p tcp --dport ssh -j ACCEPT
>
> iptables -A INPUT -s 2.2.2.2 -p tcp --dport ssh -j ACCEPT
>
> So we entered the above.
>
> Now how to we prevent any other ip address from using ssh?
>
> We think the iptables command would be
>
> iptables -A INPUT --dport ssh -j DROP
>
> But since we already entered the first two rules in, how do we place
> the 3rd rule in after rules 1 and 2 so that we don't accidentally
> block all remote access to ssh?
>
> Any suggestions would be helpful.
>
> Thanks,
>
> John (iptables newbie)
>
>
>
>
>
>
> _______________________________________________
> rhn-users mailing list
> rhn-users at redhat.com
> https://www.redhat.com/mailman/listinfo/rhn-users
--
=============================
Daniel Wittenberg
RHCE/IBM Certified Specialist
President/CTO
The Starken Group
http://www.starken.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/rhn-users/attachments/20050224/9282fb94/attachment.sig>
More information about the rhn-users
mailing list