This is a discussion on Creating a filter with iptables within the Linux Networking forums, part of the Linux Forums category.
I want to prohibit various internet hosts from accessing a range of ports on one of my computers. I believe that iptables is the tool that I need for this, but I am not familiar with software firewalling in the Linux environment. I am wading through documentation, but it is heavy going and I am struggling to decipher the manuals. I really need an example script that matches my requirements.

I want to block access to a range of ports 7000 to 7999 and individual port 8026 on my server from hosts on networks 213.55.64.0/19 and 81.169.160.0/19. I do not want anything else altered at this time, and I want all remaining traffic to that machine to be permitted.

I have installed the iptables package, but I have not yet created a script to activate it. The server is an IBM compatible (Pentium 120) computer running Debian Etch.

Thanks in advance to anyone who can help.

Regards, Mark.

--
Mark Hobley, 393 Quinton Road West, Quinton, BIRMINGHAM. B32 1QE.
On Monday 30 June 2008 02:06, Mark Hobley wrote:
> I want to prohibit various internet hosts from accessing a range of
> ports on one of my computers. I believe that iptables is the tool that I
> need for this, but I am not familiar with software firewalling in the
> Linux environment. I am wading through documentation, but it is heavy
> going and I am struggling to decipher the manuals. I really need an
> example script that matches my requirements.

I *strongly* suggest you thoroughly read the documentation, rather than trust someone else's scripts without understanding what those do. This should be a good starting point:

http://iptables-tutorial.frozentux.n...-tutorial.html

> I want to block access to a range of ports 7000 to 7999 and
> individual port 8026 on my server from hosts on networks 213.55.64.0/19
> and 81.169.160.0/19.

You don't say if you want to block TCP or UDP ports.

iptables -A INPUT -s 213.55.64.0/19 -p tcp --dport 7000:7999 -j DROP
iptables -A INPUT -s 213.55.64.0/19 -p tcp --dport 8026 -j DROP
iptables -A INPUT -s 81.169.160.0/19 -p tcp --dport 7000:7999 -j DROP
iptables -A INPUT -s 81.169.160.0/19 -p tcp --dport 8026 -j DROP

Replace -p tcp with -p udp if you want to block UDP ports.
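Added example, not part of either post: a re-runnable script that applies the rules from the reply above for both TCP and UDP, kept in a dedicated chain so that running it twice does not stack duplicate rules the way repeated -A INPUT calls would. The chain name BLOCKLIST and the DRY_RUN variable are assumptions made for this example; the multiport match is used to combine the port range and the single port in one rule.

```shell
#!/bin/sh
# Added example (not from the thread). By default it only prints the
# commands; run as root with DRY_RUN=0 to apply them.
# BLOCKLIST and DRY_RUN are names invented for this example.

CHAIN=BLOCKLIST
NETS="213.55.64.0/19 81.169.160.0/19"   # source networks from the question
PORTS="7000:7999,8026"                  # multiport takes ranges and single ports
PROTOS="tcp udp"                        # the question did not say which
DRY_RUN=${DRY_RUN:-1}

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

apply_rules() {
    # Create the chain on first run (error ignored if it exists), then empty it.
    run iptables -N "$CHAIN" 2>/dev/null || true
    run iptables -F "$CHAIN"

    for net in $NETS; do
        for proto in $PROTOS; do
            run iptables -A "$CHAIN" -s "$net" -p "$proto" \
                -m multiport --dports "$PORTS" -j DROP
        done
    done

    # Hook the chain at the top of INPUT so no earlier ACCEPT rule can
    # shadow the DROPs: remove any old jump, then insert a fresh one.
    run iptables -D INPUT -j "$CHAIN" 2>/dev/null || true
    run iptables -I INPUT 1 -j "$CHAIN"
}

apply_rules
```

Packets that match none of the DROP rules fall off the end of the chain and return to INPUT, so all other traffic is still handled by the existing rules and policy. After applying, `iptables -L BLOCKLIST -n -v` shows the per-rule packet counters.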