Home Forums Articles Downloads Hosting Freebies Jobs
Welcome to Linux Forums! With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.
Find the answer to your Linux question:
New to Linux Forums? Register here for free!
    Linux Forums > GNU Linux Zone > Linux Security > [SOLVED] ipTables rule to block a port for all internal IP Addresses except one

Forgot Password?
 Linux Security   Discussion about keeping your machines secure, and the crackers out.

Site Navigation
Linux Articles
Linux Forums
Linux Downloads
Linux Hosting
Free Magazines
Job Board
IRC Chat
RSS Feeds


Linux Forum Topics
Linux Forums
Your Distro
Linux Resources
GNU Linux Zone
The Community
Closed Thread
 
Thread Tools Display Modes
Old 07-07-2009   #1 (permalink)
Just Joined!
 
Join Date: Jul 2009
Posts: 2
[SOLVED] ipTables rule to block a port for all internal IP Addresses except one
I have a Virtual Dedicated Server with 6 IP Addresses. 1 for the server and 5 for other websites.
I want to block the access to port 9999(control panel) and 22(SSH) for all IP Addresses except 1.
They are internal IP Addresses not external.

So w1.x1.y1.z1:9999 is accessible but
w2.x2.y2.z2:9999
w3.x3.y3.z3:9999
w4.x4.y4.z4:9999
w5.x5.y5.z5:9999
w6.x6.y6.z6:9999
do not work. Please help

I plan to use ipTables to do so since I am using it currently to block ports 993 and 995

Also, I plan to add more IP Addresses later to the same server.
SO I would prefer a rule which would allow access to w1.x1.y1.z1:9999
instead of writing 5 rules to deny access to other IP Addresses, so that I dont have write new rules when I add another IP Address.

Although this is just preference. Any rule works fine for the time being.

Please help.
pranaysharmadelhi is offline  


Old 07-09-2009   #2 (permalink)
Linux Engineer
 
Lazydog's Avatar
 
Join Date: Jun 2004
Location: The Key Stone State
Posts: 1,187
Not a problem, what do you already have written for your rules?
__________________

Regards
Robert

Linux
The adventure of a life time.

Linux User #296285
Get Counted
Lazydog is offline  
Old 07-14-2009   #3 (permalink)
Just Joined!
 
Join Date: Jul 2009
Posts: 2
Soved
I used this:
iptables -A INPUT -p TCP -d ! w1.x1.y1.z1 --dport 22 -j REJECT
iptables -A INPUT -p TCP -d ! w1.x1.y1.z1 --dport 9999 -j REJECT
pranaysharmadelhi is offline  
Closed Thread

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Free Magazines
Run Your Own Web Server Using Linux & Apache - Free 191 Page Preview
Learn about everything you'll need to build and maintain your Linux servers, and to deploy Web applications to them.
subscribe
Open Source Security Myths Dispelled
Dispel the five major myths surrounding Open Source Security and gain the tools necessary to make a truly informed decision for your IT organization
subscribe
InformationWeek
InformationWeek is the only newsweekly you'll need to stay on top of the latest developments in information technology.
subscribe



All times are GMT. The time now is 03:21 PM.





Advertise About Us Contact Us Write For Us Archive Top
© 2000 - 2009 - All Rights Reserved - Property of  MAS Media

Content Relevant URLs by vBSEO 3.3.0 RC2