[TriLUG] IPTABLES rule help
rasch at raschnet.com
Mon Jul 14 14:30:01 EDT 2003
On Mon, Jul 14, 2003 at 01:56:41PM -0400, bp wrote:
> This isn't a firewall machine but rather just a plain lab box. Single
> nic. Figured on something more like:
>
> Deny ALL
You have the option here of saying "REJECT" or "DROP". REJECT will send
a "connection refused" or analogous message back to the requester.
"DROP" will just drop the packet and act as though it never existed.
# iptables -P INPUT DROP
> allow ping from *
# iptables -A INPUT -p icmp -j ACCEPT
> allow ssh from *
# iptables -A INPUT -p tcp --destination-port ssh -j ACCEPT
> allow * from x, y, z subnets
# iptables -A INPUT -s a.b.c.d/25 -j ACCEPT
> Any rules that simple for what I want? -bp
"man iptables" will also help you out here.
Absolutely. Sorry, I guess I went a bit overboard.
Although moot in this discussion, I left off the "-j ACCEPT" parameter
in my previous email.
Good luck,
David
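
The default-deny ruleset discussed in this thread, written out as an added example (not part of the original message). iptables chain names are upper case and a built-in chain's policy accepts only ACCEPT or DROP, so a REJECT default is done as a final catch-all rule. The function name build_ruleset, the loopback and established-connection rules, and the sample subnets are assumptions made for the example.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a single-NIC lab host.
# Usage: build_ruleset REJECT|DROP subnet [subnet ...]
build_ruleset() {
    final=$1; shift
    case $final in
        REJECT|DROP) ;;
        *) echo "final action must be REJECT or DROP" >&2; return 1 ;;
    esac
    echo "*filter"
    # Built-in chain policies can only be ACCEPT or DROP.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    # Assumed additions: keep loopback and replies to our own traffic working.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # allow ping from *
    echo "-A INPUT -p icmp --icmp-type echo-request -j ACCEPT"
    # allow ssh from *
    echo "-A INPUT -p tcp --dport 22 -j ACCEPT"
    # allow * from the trusted subnets
    for net in "$@"; do
        echo "-A INPUT -s $net -j ACCEPT"
    done
    # REJECT answers the sender; with DROP the chain policy silently discards.
    if [ "$final" = REJECT ]; then
        echo "-A INPUT -j REJECT"
    fi
    echo "COMMIT"
}

# Constructed sample subnets (documentation ranges) standing in for x, y, z.
build_ruleset REJECT 192.0.2.0/25 198.51.100.0/25
```

To load the result, pipe the output to iptables-restore as root.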