Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: help with iptables
Top Forums UNIX for Dummies Questions & Answers help with iptables Post 302563939 by Corona688 on Wednesday 12th of October 2011 12:36:12 PM
Old 10-12-2011
Those two rules appear to do what you want.

They should be followed by a rule which rejects everything, otherwise it might just default-accept everything though.
 

10 More Discussions You Might Find Interesting

1. IP Networking

IPtables

Hey guys, I have just started using IP tables and was wondering if anyone could direct me to any good online resources as I am totally new to this. Thanks. (1 Reply)
Discussion started by: 182x
1 Replies

2. IP Networking

Need help with iptables

Trying to create a whitelist to limit bandwidth. My sync speed is 1536/256 kbps. Simple rules in order: 1. Do not limit (or set to 1536/256) MAC 00:00:00:00:00 (computer is in 192.168.1.0/24). 2. Do not limit (or set to 1536/256) MAC 00:00:00:00:01 (computer is in 192.168.1.0/24). 3. Do not... (1 Reply)
Discussion started by: kripz
1 Replies

3. IP Networking

Iptables

Thanks in advance I have to remove ip_tables_name from /proc/net/... i was trying to do so and getting the following error cmd : rm ip_tables_names error : rm: remove regular empty file `ip_tables_names'? y rm: cannot remove `ip_tables_names': Operation not permitted (4 Replies)
Discussion started by: sudeepiit
4 Replies

4. IP Networking

iptables assistance

I have a CentOS 5.2 (10.20.21.73) machine that I need help with configuring iptables. According to documentation I believe this line should allow all communication between my machine and another machine (other machine has no firewall) -A RH-Firewall-1-INPUT -s 10.20.21.12 -j ACCEPT #... (1 Reply)
Discussion started by: beaker457
1 Replies

5. IP Networking

Iptables

What should be the iptables rule so that only the subnet 64.61.11.224/255.255.255.248 may access the mysql port 3306 (1 Reply)
Discussion started by: proactiveaditya
1 Replies

6. IP Networking

iptables changes

Hello We have one linux machine in the office which happens to be an important firewall. I just know the basics and need to make one change Essentially it is forward mysql traffic to another internal machine. This is the original rule (forward to 192.20.0.17) which is working ... (0 Replies)
Discussion started by: rina5392
0 Replies

7. UNIX for Dummies Questions & Answers

Help with iptables

Hi, I just build a Linux server, I said yes to enable the firewall. I only choose SSH conneciton. When I check the iptables. I see all of this (see below). I want to reject every thing only allow SSH from subnet 192.168.1.xx. Can you advise, how to do. Chain RH-Firewall-1-INPUT (2... (2 Replies)
Discussion started by: samnyc
2 Replies

8. IP Networking

Help with iptables

photo... (1 Reply)
Discussion started by: beerpong1
1 Replies

9. Red Hat

iptables help for port 80

Hi I enable the IPtables but port 80 was not working. Below is my active configuration (10 Replies)
Discussion started by: ranjancom2000
10 Replies

10. Ubuntu

iptables

Hi I need help with an iptables configuration, this is what I have server A Server B A and B are using different gateways i am sending port 22 from A to B, I see the packages coming in B but B is not sending the package to internet. please give me some examples. (0 Replies)
Discussion started by: lmartinez073
0 Replies

LEARN ABOUT DEBIAN

tcprules

tcprules(1)						      General Commands Manual						       tcprules(1)

NAME

       tcprules - compile rules for tcpserver

SYNOPSIS

       tcprules rules.cdb rules.tmp

OVERVIEW

       tcpserver optionally follows rules to decide whether a TCP connection is acceptable.  For example, a rule of

	  18.23.0.32:deny

       prohibits connections from IP address 18.23.0.32.

       tcprules reads rules from its standard input and writes them into rules.cdb in a binary format suited for quick access by tcpserver.

       tcprules  can be used while tcpserver is running: it ensures that rules.cdb is updated atomically.  It does this by first writing the rules
       to rules.tmp and then moving rules.tmp on top of rules.cdb.  If rules.tmp already exists, it  is  destroyed.   The  directories	containing
       rules.cdb and rules.tmp must be writable to tcprules; they must also be on the same filesystem.

       If there is a problem with the input, tcprules complains and leaves rules.cdb alone.

       The binary rules.cdb format is portable across machines.

RULE FORMAT

       A rule takes up one line.  A file containing rules may also contain comments: lines beginning with # are ignored.

       Each  rule  contains an address, a colon, and a list of instructions, with no extra spaces.  When tcpserver receives a connection from that
       address, it follows the instructions.

ADDRESSES

       tcpserver starts by looking for a rule with address TCPREMOTEINFO@TCPREMOTEIP.  If it doesn't find one, or if TCPREMOTEINFO is not set,	it
       tries  the  address TCPREMOTEIP.  If that doesn't work, it tries shorter and shorter prefixes of TCPREMOTEIP ending with a dot.	If none of
       them work, it tries the empty string.

       For example, here are some rules:

	  joe@127.0.0.1:first
	  18.23.0.32:second
	  127.:third
	  :fourth
	  ::1:fifth

       If TCPREMOTEIP is 10.119.75.38, tcpserver will follow the fourth instructions.

       If TCPREMOTEIP is ::1, tcpserver will follow the fifth instructions.  Note that	you  cannot  detect  IPv4  mapped  addresses  by  matching
       "::ffff", as those addresses will be converted to IPv4 before looking at the rules.

       If TCPREMOTEIP is 18.23.0.32, tcpserver will follow the second instructions.

       If TCPREMOTEINFO is bill and TCPREMOTEIP is 127.0.0.1, tcpserver will follow the third instructions.

       If TCPREMOTEINFO is joe and TCPREMOTEIP is 127.0.0.1, tcpserver will follow the first instructions.

ADDRESS RANGES

       tcprules treats 1.2.3.37-53:ins as an abbreviation for the rules 1.2.3.37:ins, 1.2.3.38:ins, and so on up through 1.2.3.53:ins.	Similarly,
       10.2-3.:ins is an abbreviation for 10.2.:ins and 10.3.:ins.

INSTRUCTIONS

       The instructions in a rule must begin with either allow or deny.  deny tells tcpserver to drop the  connection  without	running  anything.
       For example, the rule

	  :deny

       tells tcpserver to drop all connections that aren't handled by more specific rules.

       The  instructions  may continue with some environment variables, in the format ,VAR="VALUE".  tcpserver adds VAR=VALUE to the current envi-
       ronment.  For example,

	  10.0.:allow,RELAYCLIENT="@fix.me"

       adds RELAYCLIENT=@fix.me to the environment.  The quotes here may be replaced by any repeated character:

	  10.0.:allow,RELAYCLIENT=/@fix.me/

       Any number of variables may be listed:

	  127.0.0.1:allow,RELAYCLIENT="",TCPLOCALHOST="movie.edu"

SEE ALSO

       tcprulescheck(1), tcpserver(1), tcp-environ(5)

																       tcprules(1)
All times are GMT -4. The time now is 11:39 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy