04-10-2014
iptables to block port 25 only to a certain range
I want to limit all *outbound* traffic on eth0 (or all *.*) on port 25 to a specific (allowed) range...
I.E.
192.168.1.5 (local ip) tries to connect to 1.2.3.4:25 (outside real world ip)
It can proceed because 1.2.3.0/24 is the allowed range
Now, 192.168.1.5 (local ip) tries to connect to 2.3.4.5:25 it is not allowed (drop?) because 2.3.4.5 is not part of the 1.2.3.0/24
Thanks for the help I could not find a way to do this:
This did not work:
iptables -A OUTPUT -o eth0 -p tcp -d 1.2.3.0/24 --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
Thanks!
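An added example, not part of the original post: an ACCEPT rule for 1.2.3.0/24 only whitelists that range and blocks nothing unless a later rule (or the chain policy) drops the remaining port-25 traffic. The sketch below pairs it with a DROP, emits the pair for OUTPUT (mail from this host) and FORWARD (an assumption, for the case where 192.168.1.5 is a LAN host routed through this machine), and models the two destinations from the post offline; function names are illustrative.

```shell
#!/bin/sh
# Added example, not from the original post. eth0 and 1.2.3.0/24 are the
# values used in the post; function names are illustrative.
OUT_IF="eth0"
ALLOWED_NET="1.2.3.0/24"

# Rule pair for one chain. iptables stops at the first match, so the ACCEPT
# for the allowed range must precede the catch-all DROP for port 25.
# (Use "-j REJECT --reject-with tcp-reset" instead of DROP to fail fast.)
smtp_rules() (
    echo "-A $1 -o $OUT_IF -p tcp -d $ALLOWED_NET --dport 25 -j ACCEPT"
    echo "-A $1 -o $OUT_IF -p tcp --dport 25 -j DROP"
)

# Dotted quad -> 32-bit integer (octets without leading zeros).
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Offline model of the pair: verdict for a connection to <dst>:25.
smtp_verdict() (
    dst=$(ip_to_int "$1")
    net=$(ip_to_int "${ALLOWED_NET%/*}")
    bits=${ALLOWED_NET#*/}
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    if [ $(( dst & mask )) -eq $(( net & mask )) ]; then
        echo ACCEPT
    else
        echo DROP
    fi
)

# OUTPUT filters mail sent by this host; FORWARD filters LAN hosts routed
# through it. Dry run by default; APPLY=1 (as root) installs the rules.
apply_smtp_rules() {
    for chain in OUTPUT FORWARD; do
        smtp_rules "$chain" | while read -r rule; do
            if [ "${APPLY:-0}" = 1 ]; then iptables $rule; else echo "iptables $rule"; fi
        done
    done
}

apply_smtp_rules
smtp_verdict 1.2.3.4   # allowed destination from the post
smtp_verdict 2.3.4.5   # blocked destination from the post
```

Because `-A` appends, any broader ACCEPT already earlier in the chain still matches first; check the existing order with `iptables -L OUTPUT -n --line-numbers` before applying.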