This is a discussion on iptables syntax within the Linux Networking forums, part of the Linux Forums category.

I want to drop new connections from any host except two. Previously I was accepting from one address range as follows (I've changed the range to a private one for this post):

    iptables -A INPUT -m state --state NEW -i eth0 -j DROP \! -s 172.16.4.0/24

How do I change it so that it drops any new connections except those from 172.16.4.0/24 or 172.16.200.0/24?

Cheers

M

Matt <spam@fritters.com> wrote:
> I want to drop new connections from any host except two. Previously I
> was accepting from one address range as follows (I've changed the range
> to a private one for this post):
>
> iptables -A INPUT -m state --state NEW -i eth0 -j DROP \! -s
> 172.16.4.0/24

I guess this should read "... -j DROP -s \! 172.16.4.0/24"

> How do I change it so that it drops any new connections except those from
> 172.16.4.0/24 or 172.16.200.0/24?

    iptables -A INPUT -m state --state NEW -i eth0 \
        --src 172.16.4.0/24 -j ACCEPT
    iptables -A INPUT -m state --state NEW -i eth0 \
        --src 172.16.200.0/24 -j ACCEPT
    iptables -A INPUT -m state --state NEW -i eth0 -j DROP

Ciao, Horst
--
»When pings go wrong (It hurts me too)« E.Clapton/E.James/P.Tscharn
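
Why the second range cannot be added by repeating the negated DROP rule, and why the ACCEPT, ACCEPT, DROP order in the reply works, shown as a small model of first-match rule evaluation. This is an added example, not code from either poster; the `verdict` helper, the rule tuples, the sample addresses and the ACCEPT chain policy are assumptions made for illustration.

```python
import ipaddress

# Simplified model of iptables first-match evaluation on the INPUT chain for
# NEW connections arriving on eth0. Each rule is (source_cidr, negate, target);
# source_cidr None means the rule has no -s match. Chain policy assumed ACCEPT.

def verdict(rules, src, policy="ACCEPT"):
    addr = ipaddress.ip_address(src)
    for cidr, negate, target in rules:
        hit = True if cidr is None else (addr in ipaddress.ip_network(cidr))
        if negate:
            hit = not hit
        if hit:
            return target  # ACCEPT and DROP both end traversal of the chain
    return policy          # no rule matched: the chain policy decides

# The single-range rule from the question: DROP unless source is 172.16.4.0/24.
ONE_RANGE = [("172.16.4.0/24", True, "DROP")]

# Constructed for illustration: repeating the negated DROP for the second range.
# Every source is outside at least one of the two ranges, so one rule always hits.
NAIVE_TWO = [("172.16.4.0/24", True, "DROP"),
             ("172.16.200.0/24", True, "DROP")]

# The rule order from the reply: ACCEPT each range, then DROP everything else.
ACCEPT_THEN_DROP = [("172.16.4.0/24", False, "ACCEPT"),
                    ("172.16.200.0/24", False, "ACCEPT"),
                    (None, False, "DROP")]

# Constructed sample sources: one per allowed range, one outside both.
SAMPLES = ["172.16.4.10", "172.16.200.10", "192.0.2.1"]

def table(rules):
    """Return the verdict for each sample source under the given rule list."""
    return {src: verdict(rules, src) for src in SAMPLES}

if __name__ == "__main__":
    for name, rules in [("one range", ONE_RANGE), ("naive two", NAIVE_TWO),
                        ("accept then drop", ACCEPT_THEN_DROP)]:
        print(name, table(rules))
```

The model ignores everything except the source match, so it applies only to packets that already satisfy `-m state --state NEW -i eth0`.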