  1. #1
    Just Joined!
    Join Date
    Oct 2004
    Posts
    7

    how to restrict access to my box?


    i have the following setup:

    slackware 9.1
    ethernet
    modem

    so i have dialup internet connection and i use it from 2 windows boxes through NAT.
    server has http, ftp, cvs, etc

    i want to block any outer access to my box except for some range of ip addresses that i want to allow (i have dynamic ip visible from internet).

    i.e. i want my server to be visible from my home network (172.15.*.*), and from local network of my ISP (10.*.*.*), but deny access from any other ip addresses.

    the question is: what tools should i use, what manuals to read?
    i have iptables configured to allow use of ppp from my home network, but i don't understand configs (my friend configured it for me)
    tried to read manuals and tutorials, but to no success - i'm just not a sysadmin, and networking is not a part of my interests..

  2. #2
    Just Joined!
    Join Date
    Oct 2004
    Posts
    6

    Re: how to restrict access to my box?

    Quote Originally Posted by waker
    i have the following setup:

    slackware 9.1
    ethernet
    modem

    so i have dialup internet connection and i use it from 2 windows boxes through NAT.
    server has http, ftp, cvs, etc

    i want to block any outer access to my box except for some range of ip addresses that i want to allow (i have dynamic ip visible from internet).

    i.e. i want my server to be visible from my home network (172.15.*.*), and from local network of my ISP (10.*.*.*), but deny access from any other ip addresses.

    the question is: what tools should i use, what manuals to read?
    i have iptables configured to allow use of ppp from my home network, but i don't understand configs (my friend configured it for me)
    tried to read manuals and tutorials, but to no success - i'm just not a sysadmin, and networking is not a part of my interests..

    well you have to get your hands dirty (networking and being a sysadmin) if you want things done your way. read the fine manuals, search the fine web. you would need to read on the networking HOWTO found at www.tljp.org.

  3. #3
    Just Joined!
    Join Date
    Oct 2004
    Posts
    7

    Re: how to restrict access to my box?

    well you have to get your hands dirty (networking and being a sysadmin) if you want things done your way. read the fine manuals, search the fine web. you would need to read on the networking HOWTO found at www.tljp.org.

    yes, i totally agree that i could do RTFM, but i just don't have so much time to read all of the manuals and tools.
    what i ask is what exact tools should i use.
    i'm not afraid of making my hands dirty :) just limited in time.
    can u confirm that iptables is the tool i need?
    if so - i'll just sit and read all the tutors, faqs, manpages, howtos, etc...

    my knowledge of networking is now limited around setting up LAN (ifconfig), configuring routing for my home network and keeping d2gs server running 24/7 for my friends.
    i also have apache-httpd and proftpd running..
    so i'm not n00biest of dummies.. but iptables config (and all those details about understanding packet filtering and all) is far complex, especially when i'm not sure it's the tool i need.

    i'd like something simple like hosts.deny and hosts.allow :) but it only works when daemon sits under inetd.. seems like not suitable at all..

    btw, ur url is not working..

  4. #4
    Linux Newbie
    Join Date
    Mar 2004
    Posts
    119
    he means "tldp.org" - the linux documentation project

  5. #5
    Linux Guru sarumont's Avatar
    Join Date
    Apr 2003
    Location
    /dev/urandom
    Posts
    3,682
    IPTables is what you want to use. Check out netfilter.org as well for some good docs on how to use it.
    "Time is an illusion. Lunchtime, doubly so."
    ~Douglas Adams, The Hitchhiker's Guide to the Galaxy

  6. #6
    Just Joined!
    Join Date
    Oct 2004
    Posts
    7
    Quote Originally Posted by sarumont
    IPTables is what you want to use. Check out netfilter.org as well for some good docs on how to use it. 8)

    thanx
    i did it through adding some ppp0 input filter rules, and one of my friends also helped me with some more tweaks like broadcast echo protection, disable sending redirect messages, etc..

    when i'll be sure it really works as i need - i'll add some comments into script and post it here..

  7. #7
    Linux Guru sarumont's Avatar
    Join Date
    Apr 2003
    Location
    /dev/urandom
    Posts
    3,682
    Quote Originally Posted by waker
    when i'll be sure it really works as i need - i'll add some comments into script and post it here..

    Comments? What're those?

    Glad you found your answers and got everything working.
    "Time is an illusion. Lunchtime, doubly so."
    ~Douglas Adams, The Hitchhiker's Guide to the Galaxy
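
The approach described in post #6 (input filter rules on ppp0 plus the two kernel tweaks), as an added example; it is not the script from the thread, which was never posted. `WAN_IF`, `ALLOWED`, `DRY_RUN`, the helpers `run` and `set_proc` and the chain name `WAN_IN` are illustrative names, and the home network is assumed to reach the server over the Ethernet interface rather than ppp0.

```shell
#!/bin/sh
# Added example, not from the thread. WAN_IF, ALLOWED, DRY_RUN and the
# chain name WAN_IN are illustrative names.
WAN_IF="${WAN_IF:-ppp0}"          # dial-up interface named in the thread
ALLOWED="${ALLOWED:-10.0.0.0/8}"  # ISP-local range (10.*.*.*), space-separated
DRY_RUN="${DRY_RUN:-1}"           # 1 = print commands only, 0 = run as root

run() {       # print the command in dry-run mode, execute it otherwise
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}
set_proc() {  # set_proc VALUE FILE: write a /proc/sys switch (or print it)
    if [ "$DRY_RUN" = 1 ]; then echo "echo $1 > $2"; else echo "$1" > "$2"; fi
}

# Filter packets addressed to the server itself that arrive on WAN_IF.
# Matching the interface, not an address, survives a dynamic IP change.
# The home LAN comes in over Ethernet, so it needs no entry here.
wan_input_rules() {
    # Rebuild a dedicated chain so a re-run replaces only these rules.
    run iptables -D INPUT -i "$WAN_IF" -j WAN_IN 2>/dev/null || true
    run iptables -F WAN_IN 2>/dev/null || true
    run iptables -X WAN_IN 2>/dev/null || true
    run iptables -N WAN_IN
    # Replies to connections the server opened itself must get back in.
    run iptables -A WAN_IN -m state --state ESTABLISHED,RELATED -j ACCEPT
    for net in $ALLOWED; do
        run iptables -A WAN_IN -s "$net" -j ACCEPT
    done
    run iptables -A WAN_IN -j DROP   # everything else; must stay last
    run iptables -I INPUT -i "$WAN_IF" -j WAN_IN
}

# The two kernel switches mentioned in the thread.
kernel_tweaks() {
    set_proc 1 /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
    # Redirects stop only when "all" and the interface's own entry are 0.
    for f in /proc/sys/net/ipv4/conf/*/send_redirects; do
        if [ -e "$f" ]; then set_proc 0 "$f"; fi
    done
}

wan_input_rules
kernel_tweaks
```

With the default `DRY_RUN=1` the script only prints the commands for review; set `DRY_RUN=0` and run it as root to apply them.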
