Post 303035694 by Sumanthsv on Thursday 30th of May 2019 11:50:09 PM
05-31-2019
Block port for all except for one specific ip in Solaris11.4

Hi,

I need to block ssh port 22 from all the servers except one server ip.
Until Solaris 11.3 and below, I used to do it like below (under /etc/ipf/ipf.conf), and it's working fine
Code:
pass in quick from $server_ip to any port=22
block in quick from any to any port=22

But I tried almost the same in 11.4 like below (under /etc/firewall/pf.conf), and it's not working
Code:
pass in proto tcp from x.x.x.x to any port = 22
block in proto tcp from any to any port = 22

What am I doing wrong here?

TIA
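
Added example, not part of the original post and not PF's own code: a small Python model of how PF evaluates a ruleset (the last matching rule decides, unless a matching rule is marked `quick`), run over the two pf.conf rules as posted, over the same rules with the `quick` keyword from the ipf.conf version restored, and over the posted rules in reverse order. The addresses are constructed stand-ins for the post's x.x.x.x, and the parser is an assumption that handles only the rule shape shown above (direction, protocol and state are ignored).

```python
import ipaddress

def parse_rule(line):
    """Parse the small subset of pf.conf syntax used in the post."""
    tok = line.split()
    rule = {"action": tok[0], "quick": "quick" in tok}
    src = tok[tok.index("from") + 1]
    rule["src"] = None if src == "any" else ipaddress.ip_network(src)
    rule["port"] = int(tok[-1])          # rules here end in "port = N"
    return rule

def evaluate(ruleset, src_ip, dst_port, default="pass"):
    """PF semantics: the LAST matching rule decides, unless a matching
    rule carries 'quick', which stops evaluation immediately."""
    verdict = default                    # PF passes when no rule matches
    addr = ipaddress.ip_address(src_ip)
    for rule in map(parse_rule, ruleset):
        if rule["port"] != dst_port:
            continue
        if rule["src"] is not None and addr not in rule["src"]:
            continue
        verdict = rule["action"]
        if rule["quick"]:
            break
    return verdict

ALLOWED = "192.0.2.10"    # constructed stand-in for the post's x.x.x.x
OTHER = "198.51.100.7"    # constructed address of any other host

AS_POSTED = [
    f"pass in proto tcp from {ALLOWED} to any port = 22",
    "block in proto tcp from any to any port = 22",
]
WITH_QUICK = [
    f"pass in quick proto tcp from {ALLOWED} to any port = 22",
    "block in quick proto tcp from any to any port = 22",
]
BLOCK_FIRST = list(reversed(AS_POSTED))   # alternative: general rule first

if __name__ == "__main__":
    for name, rs in [("as posted", AS_POSTED), ("with quick", WITH_QUICK),
                     ("block first", BLOCK_FIRST)]:
        print(f"{name:12} allowed={evaluate(rs, ALLOWED, 22)} "
              f"other={evaluate(rs, OTHER, 22)}")
```

In this model the posted ruleset blocks port 22 for every source, including the allowed one, because the trailing block rule is the last match; either `quick` on both rules or placing the block rule first gives the intended result.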
 

IPFS(8)                     System Manager's Manual                     IPFS(8)

NAME
       ipfs - saves and restores information for NAT and state tables.

SYNOPSIS
       ipfs [-nv] -l
       ipfs [-nv] -u
       ipfs [-nv] [ -d <dirname> ] -R
       ipfs [-nv] [ -d <dirname> ] -W
       ipfs [-nNSv] [ -f <filename> ] -r
       ipfs [-nNSv] [ -f <filename> ] -w
       ipfs [-nNSv] -f <filename> -i <if1>,<if2>

DESCRIPTION
       ipfs allows state information created for NAT entries and rules using
       keep state to be locked (modification prevented) and then saved to
       disk, allowing for the system to experience a reboot, followed by the
       restoration of that information, resulting in connections not being
       interrupted.

OPTIONS
       -d     Change the default directory used with -R and -W options for
              saving state information.

       -n     Don't actually take any action that would affect information
              stored in the kernel or on disk.

       -v     Provides a verbose description of what's being done.

       -i <ifname1>,<ifname2>
              Change all instances of interface name ifname1 in the state
              save file to ifname2. Useful if you're restoring state
              information after a hardware reconfiguration or change.

       -N     Operate on NAT information.

       -S     Operate on filtering state information.

       -u     Unlock state tables in the kernel.

       -l     Lock state tables in the kernel.

       -r     Read information in from the specified file and load it into
              the kernel. This requires the state tables to have already
              been locked and does not change the lock once complete.

       -w     Write information out to the specified file and from the
              kernel. This requires the state tables to have already been
              locked and does not change the lock once complete.

       -R     Restores all saved state information, if any, from two files,
              ipstate.ipf and ipnat.ipf, stored in the /var/db/ipf directory
              unless otherwise specified by the -d option. The state tables
              are locked at the beginning of this operation and unlocked
              once complete.

       -W     Saves in-kernel state information, if any, out to two files,
              ipstate.ipf and ipnat.ipf, stored in the /var/db/ipf directory
              unless otherwise specified by the -d option. The state tables
              are locked at the beginning of this operation and unlocked
              once complete.

FILES
       /var/db/ipf/ipstate.ipf
       /var/db/ipf/ipnat.ipf
       /dev/ipl
       /dev/ipstate
       /dev/ipnat

SEE ALSO
       ipf(8), ipl(4), ipmon(8), ipnat(8)

DIAGNOSTICS
       Perhaps the -W and -R operations should set the locking but rather
       than undo it, restore it to what it was previously. Fragment table
       information is currently not saved.

BUGS
       If you find any, please send email to me at darrenr@pobox.com

                                                                        IPFS(8)