Login or Register to Ask a Question and Join Our Community


IP Networking

Help with iptables

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums IP Networking Help with iptables
# 1  
Old 03-12-2013
Help with iptables
photo networkImage

i was wondering if someone can help me with iptables for the router photo attached

On Router:
1.i need to ssh from blue to red:
my answer:
iptables -A INPUT -s 10.2.0.0 -p tcp --dport 22 -j accept
iptables -A output -s 10.2.0.0 -p tcp --sport 22 -j accept

2.i need to http from blue to red (required for patching)?

3. i need to Allow pings both ways
my answer"
iptables -A input -p icmp --icmp-type 8 -m state --stae new,established -j accept
iptables -A input -p icmp --icmp-type 0 -m state --stae new,established -j accept
iptables -A output -p icmp --icmp-type 8 -m state --stae new,established -j accept
iptables -A output -p icmp --icmp-type 0 -m state --stae new,established -j accept

4.then Allow nothing else
my answer:
iptables -A INPUT -j DROP

5.ssh must only listen on blue network interface (in: /etc/ssh/sshd_config)?
Last edited by beerpong1; 03-13-2013 at 12:00 AM..
# 2  
Old 03-13-2013
Which host(s) gets iptables?
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Ubuntu

iptables

Hi I need help with an iptables configuration, this is what I have server A Server B A and B are using different gateways i am sending port 22 from A to B, I see the packages coming in B but B is not sending the package to internet. please give me some examples. (0 Replies)
Discussion started by: lmartinez073
0 Replies

2. Red Hat

iptables help for port 80

Hi I enable the IPtables but port 80 was not working. Below is my active configuration (10 Replies)
Discussion started by: ranjancom2000
10 Replies

3. UNIX for Dummies Questions & Answers

Help with iptables

Hi, I just build a Linux server, I said yes to enable the firewall. I only choose SSH conneciton. When I check the iptables. I see all of this (see below). I want to reject every thing only allow SSH from subnet 192.168.1.xx. Can you advise, how to do. Chain RH-Firewall-1-INPUT (2... (2 Replies)
Discussion started by: samnyc
2 Replies

4. UNIX for Dummies Questions & Answers

help with iptables

Hi, On the IPTABLES, I did iptables --flush. I want to start fresh. Now I only want two things. Allow one ip address to this server. Allow port 443 as incoming from every where. Please advice how to do this. This is what I did so for. iptables -I INPUT -i eth0 -s 1.2.3.4 -j ACCEPT... (5 Replies)
Discussion started by: samnyc
5 Replies

5. IP Networking

iptables changes

Hello We have one linux machine in the office which happens to be an important firewall. I just know the basics and need to make one change Essentially it is forward mysql traffic to another internal machine. This is the original rule (forward to 192.20.0.17) which is working ... (0 Replies)
Discussion started by: rina5392
0 Replies

6. IP Networking

Iptables

What should be the iptables rule so that only the subnet 64.61.11.224/255.255.255.248 may access the mysql port 3306 (1 Reply)
Discussion started by: proactiveaditya
1 Replies

7. IP Networking

iptables assistance

I have a CentOS 5.2 (10.20.21.73) machine that I need help with configuring iptables. According to documentation I believe this line should allow all communication between my machine and another machine (other machine has no firewall) -A RH-Firewall-1-INPUT -s 10.20.21.12 -j ACCEPT #... (1 Reply)
Discussion started by: beaker457
1 Replies

8. IP Networking

Iptables

Thanks in advance I have to remove ip_tables_name from /proc/net/... i was trying to do so and getting the following error cmd : rm ip_tables_names error : rm: remove regular empty file `ip_tables_names'? y rm: cannot remove `ip_tables_names': Operation not permitted (4 Replies)
Discussion started by: sudeepiit
4 Replies

9. IP Networking

Need help with iptables

Trying to create a whitelist to limit bandwidth. My sync speed is 1536/256 kbps. Simple rules in order: 1. Do not limit (or set to 1536/256) MAC 00:00:00:00:00 (computer is in 192.168.1.0/24). 2. Do not limit (or set to 1536/256) MAC 00:00:00:00:01 (computer is in 192.168.1.0/24). 3. Do not... (1 Reply)
Discussion started by: kripz
1 Replies

10. IP Networking

IPtables

Hey guys, I have just started using IP tables and was wondering if anyone could direct me to any good online resources as I am totally new to this. Thanks. (1 Reply)
Discussion started by: 182x
1 Replies
Login or Register to Ask a Question