Thread: IPTables quick sample
-
05-06-2003, 04:55 PM #1 Account Disabled
IPTables quick sample
I am not used to using IPTables, I usually use IPChains. Can someone provide me a few quick examples of using iptables to:
1. deny a single IP, blocking a specific port
2. deny a single IP, blocking a range of ports
3. deny a range of IPs, blocking a specific port (i.e. /24 or something)
4. deny a range of IPs, blocking a range of ports (i.e. /24 or something)
-
05-06-2003, 06:37 PM #2 Web Hosting Master
For the first two I'll use 10.4.3.2 as the source IP. For the last two I'll use 10.4.3.0/24 as the source network.
For the range I'll use 8080-8090. For the single port I'll use 8080.
1. Deny a single IP, blocking a specific port:
/sbin/iptables -A INPUT -i eth1 -p tcp -s 10.4.3.2 --dport 8080 -j REJECT
2. Deny a single IP, blocking a range of ports:
/sbin/iptables -A INPUT -i eth1 -p tcp -s 10.4.3.2 --dport 8080:8090 -j REJECT
3. Deny a range of IPs, blocking a specific port:
/sbin/iptables -A INPUT -i eth1 -p tcp -s 10.4.3.0/24 --dport 8080 -j REJECT
4. Deny a range of IPs, blocking a range of ports:
/sbin/iptables -A INPUT -i eth1 -p tcp -s 10.4.3.0/24 --dport 8080:8090 -j REJECT
To remove the rules, replace "-A" with "-D".
--Shaun
Shaun Ewing
shaun.net
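An added example, not part of the original posts: a shell helper that validates the source address and port spec and then builds one rule in any of the four shapes listed in the reply above. The function names, the `IFACE` and `APPLY` variables and the `N-M` port shorthand are assumptions of this example; `DROP` is accepted as an alternative target to `REJECT`.

```shell
# Added example. block_rule ACTION SOURCE PORTS [TARGET] prints the iptables
# command for one rule and runs it only when APPLY=1 (needs root).
#   ACTION add|del (-A / -D)      SOURCE IPv4 address or CIDR network
#   PORTS  N, N-M or N:M          TARGET REJECT (default) or DROP
# IFACE and APPLY are hypothetical environment variables of this example.

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_source() {
    addr=${1%%/*}
    case "$1" in */*)
        prefix=${1#*/}
        case "$prefix" in ''|*[!0-9]*|???*) return 1 ;; esac
        [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case "$addr" in *[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs   # split into octets
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

block_rule() {
    case "$1" in
        add) op=-A ;;
        del) op=-D ;;
        *) echo "action must be add or del" >&2; return 2 ;;
    esac
    valid_source "$2" || { echo "bad source: $2" >&2; return 2; }
    case "$3" in
        *-*) lo=${3%%-*} hi=${3#*-} ;;
        *:*) lo=${3%%:*} hi=${3#*:} ;;
        *)   lo=$3 hi=$3 ;;
    esac
    valid_port "$lo" && valid_port "$hi" && [ "$lo" -le "$hi" ] ||
        { echo "bad port spec: $3" >&2; return 2; }
    if [ "$lo" -eq "$hi" ]; then ports=$lo; else ports=$lo:$hi; fi
    target=${4:-REJECT}
    case "$target" in REJECT|DROP) ;; *) echo "bad target: $target" >&2; return 2 ;; esac
    set -- /sbin/iptables "$op" INPUT -i "${IFACE:-eth1}" -p tcp \
        -s "$2" --dport "$ports" -j "$target"
    echo "$*"
    if [ "${APPLY:-0}" = 1 ]; then "$@"; fi
}
```

Sourced into a shell, `block_rule add 10.4.3.0/24 8080-8090` prints the rule without touching the firewall; the same arguments with `del` print the matching `-D` form.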
-
05-06-2003, 07:51 PM #3 Account Disabled
thanks!
-
05-06-2003, 08:54 PM #4 Web Hosting Master
Of course doing a DROP requires less overhead than a REJECT.
-Mark Adams