  1. #1

    IPTables quick sample

    I am not used to using IPTables; I usually use IPChains. Can someone provide me a few quick examples of using iptables to:

    1. deny a single ip, blocking a specific port
    2. deny a single ip, blocking a range of ports
    3. deny a range of ips, blocking a specific port (i.e. /24 or something)
    4. deny a range of ips, blocking a range of ports (i.e. /24 or something)

  2. #2
    For the first two I'll use 10.4.3.2 as the source IP. For the last two I'll use 10.4.3.0/24 as the source network.

    For the range I'll use 8080-8090. For the single port I'll use 8080

    1. Deny a single ip, blocking a specific port:
    /sbin/iptables -A INPUT -i eth1 -p tcp -s 10.4.3.2 --dport 8080 -j REJECT

    2. Deny a single ip, blocking a range of ports
    /sbin/iptables -A INPUT -i eth1 -p tcp -s 10.4.3.2 --dport 8080:8090 -j REJECT

    3. Deny a range of ips, blocking a specific port.
    /sbin/iptables -A INPUT -i eth1 -p tcp -s 10.4.3.0/24 --dport 8080 -j REJECT

    4. Deny a range of ips, blocking a range of ports.
    /sbin/iptables -A INPUT -i eth1 -p tcp -s 10.4.3.0/24 --dport 8080:8090 -j REJECT


    To remove the rules, replace "-A" with "-D"

    --Shaun
    Shaun Ewing
    shaun.net

  3. #3
    thanks!

  4. #4
    Of course doing a DROP requires less overhead than a REJECT.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!
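
The four rules from post #2 and the REJECT/DROP choice from post #4 as one idempotent helper. This is an added example, not code from the thread; the function names `valid_src`, `valid_ports` and `block` and the `IPTABLES`/`IFACE` variables are assumptions, and it must run as root against a real iptables.

```shell
#!/bin/sh
# Added example, not from the thread. Defines functions only; nothing runs on load.
IPTABLES="${IPTABLES:-/sbin/iptables}"   # binary path used in post #2
IFACE="${IFACE:-eth1}"                   # interface used in post #2

# valid_src ADDR[/PREFIX]: dotted-quad IPv4 with an optional 0-32 prefix length.
valid_src() {
    addr=${1%/*}; pfx=32
    case $1 in */*) pfx=${1#*/} ;; esac
    case $pfx in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$pfx" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ????*|0?*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# valid_ports PORT or LOW:HIGH, each 1-65535, LOW <= HIGH (iptables range syntax).
valid_ports() {
    case $1 in *:*:*) return 1 ;; esac
    lo=${1%%:*}; hi=${1##*:}
    for p in "$lo" "$hi"; do
        case $p in ''|0*|*[!0-9]*|??????*) return 1 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
    done
    [ "$lo" -le "$hi" ]
}

# block add|del SRC PORTS [REJECT|DROP]
# add: append only if -C (check) says the identical rule is absent.
# del: delete every copy, since repeated -A calls leave duplicates behind.
block() {
    op=$1 src=$2 ports=$3 target=${4:-REJECT}
    valid_src "$src" && valid_ports "$ports" || { echo "bad source or ports" >&2; return 2; }
    case $target in REJECT|DROP) ;; *) echo "bad target" >&2; return 2 ;; esac
    set -- INPUT -i "$IFACE" -p tcp -s "$src" --dport "$ports" -j "$target"
    case $op in
        add) "$IPTABLES" -C "$@" 2>/dev/null || "$IPTABLES" -A "$@" ;;
        del) while "$IPTABLES" -C "$@" 2>/dev/null; do
                 "$IPTABLES" -D "$@" || return 1
             done ;;
        *)   echo "usage: block add|del SRC PORTS [REJECT|DROP]" >&2; return 2 ;;
    esac
}
```

Because `-A` appends, a rule added this way only takes effect if no earlier rule in INPUT already accepts the traffic.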
