[TriLUG] iptables question - rule - from any domain *.ncsu.edu

Greg Cox glcox at pobox.com
Thu Aug 28 13:42:43 EDT 2003


> Rather than write a ruleset for each individual possible origination
> ip - Can I add a single rule that says allow ssh from any ip within
> the ncsu.edu domain?
> ie. engr01ras-linux.eos.ncsu.edu and engr06ras.eos.ncsu.edu.
>      would both match.

1) Allow all ssh traffic, then use hosts.allow to restrict it.

2) iptable it to 152.1.0.0/16

$ host engr06ras.eos.ncsu.edu
engr06ras.eos.ncsu.edu has address 152.1.68.201
$ lynx -source http://ws.arin.net/cgi-bin/whois.pl?queryinput=152.1.68.201|grep CIDR
CIDR:       152.1.0.0/16





More information about the TriLUG mailing list