02-17-2009
Quote:
But I have to allow one IP address at a time. It does not accept comma
How do I add multiple IP addresses?
You did it right. If your IP addresses encompass a range, you can do a netmask, such as 172.29.0.0/24.
I don't know what the $ signs are for (in my example, they were for a shell variable)... take them out just in case.
nat
NAT action in tc(8) Linux NAT action in tc(8)
NAME
nat - stateless native address translation action
SYNOPSIS
tc ... action nat DIRECTION OLD NEW
DIRECTION := { ingress | egress }
OLD := IPV4_ADDR_SPEC
NEW := IPV4_ADDR_SPEC
IPV4_ADDR_SPEC := { default | any | all | in_addr[/{prefix|netmask}] }
DESCRIPTION
The nat action performs NAT without the overhead of conntrack, which is desirable if the number of flows or addresses to perform
NAT on is large. This action is best used in combination with the u32 filter to allow for efficient lookups of a large number of stateless
NAT rules in constant time.
OPTIONS
ingress Translate destination addresses, i.e. perform DNAT.
egress Translate source addresses, i.e. perform SNAT.
OLD Specifies addresses which should be translated.
NEW Specifies addresses which OLD should be translated into.
NOTES
The accepted address format in OLD and NEW is quite flexible. It may either consist of one of the keywords default, any or all, representing
the all-zero IP address, or a combination of IP address and netmask or prefix length separated by a slash (/) sign. In any case, the
mask (or prefix length) value of OLD is used for NEW as well so that a one-to-one mapping of addresses is assured.
Address translation is done using a combination of binary operations. First, the original (source or destination) address is matched
against the value of OLD. If the original address fits, the new address is created by taking the leading bits from NEW (defined by the
netmask of OLD) and taking the remaining bits from the original address.
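The mapping described above, written out as an added C example (not the kernel's or iproute2's own code). The function names and the sample addresses are assumptions made for illustration, and addresses are handled in host byte order for readability.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Host-order netmask for a prefix length; values above 32 are clamped. */
static uint32_t prefix_to_mask(unsigned prefix)
{
    if (prefix == 0) return 0;
    if (prefix >= 32) return 0xFFFFFFFFu;
    return 0xFFFFFFFFu << (32 - prefix);
}

/* If addr lies inside OLD/prefix, take the leading bits from NEW and the
 * remaining bits from addr; otherwise the address passes through unchanged. */
static uint32_t nat_translate(uint32_t addr, uint32_t old_net,
                              uint32_t new_net, unsigned prefix)
{
    uint32_t mask = prefix_to_mask(prefix);
    if ((addr & mask) != (old_net & mask))
        return addr;
    return (new_net & mask) | (addr & ~mask);
}

/* Dotted-quad wrapper (hypothetical helper); returns 0 on success. */
static int nat_translate_str(const char *addr, const char *old_net,
                             const char *new_net, unsigned prefix,
                             char out[INET_ADDRSTRLEN])
{
    struct in_addr a, o, n, r;
    if (prefix > 32 || inet_pton(AF_INET, addr, &a) != 1 ||
        inet_pton(AF_INET, old_net, &o) != 1 ||
        inet_pton(AF_INET, new_net, &n) != 1)
        return -1;
    r.s_addr = htonl(nat_translate(ntohl(a.s_addr), ntohl(o.s_addr),
                                   ntohl(n.s_addr), prefix));
    return inet_ntop(AF_INET, &r, out, INET_ADDRSTRLEN) ? 0 : -1;
}

int main(void)
{
    char out[INET_ADDRSTRLEN];
    /* Constructed sample addresses: OLD 192.0.2.0/24, NEW 10.1.5.0/24. */
    const char *samples[] = { "192.0.2.77", "192.0.2.200", "198.51.100.9" };
    for (int i = 0; i < 3; i++)
        if (nat_translate_str(samples[i], "192.0.2.0", "10.1.5.0", 24, out) == 0)
            printf("%-13s -> %-11s (%s)\n", samples[i], out,
                   strcmp(out, samples[i]) ? "translated" : "unchanged");
    return 0;
}
```

Because the host bits are copied from the original address, every address in OLD maps to exactly one address in NEW, which is why no per-flow state is needed.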
There is rudimentary support for upper layer protocols, namely TCP, UDP and ICMP. While for the first two only checksum recalculation is
performed, the action also takes care of embedded IP headers in ICMP packets by translating the respective address therein, too.
SEE ALSO
tc(8)
iproute2 12 Jan 2015 NAT action in tc(8)