I basically wanted an iptables command to block all IP addresses except 3 to 4 private IPs and the local server IPs.
Further, I should be able to add or remove those private IPs in the allow list.
You can achieve it using the solution provided above. You need to set the policy for the INPUT chain to DROP so that nothing will be allowed on your server. You will then have to allow the IPs to the port you wish to.
#The below line will DROP all incoming connections.
iptables -P INPUT DROP
#Allow specific IPs to specific ports for example port 22 for IP 126.96.36.199
iptables -A INPUT -p tcp -s 188.8.131.52 --dport 22 -j ACCEPT
In this fashion you can add your IPs in the allow list.
If you are not familiar with iptables, it is better to use the CSF firewall. You can use its configuration to block all the ports and then, using its csf.allow file, allow specific IPs to specific ports. You can download the firewall from the configserver.com website.
a PHP login script hosted on Server2 which on authentication allows the user to access Server1
So basically, after login on the PHP login script, I will have to use an SSH command from Server2 on Server1 to allow that specific IP. Thus it will execute some command like iptables -A INPUT -p .... or csf -a ip
So I want advice on which way I should go: CSF or the iptables method.
The only issue that I may face is: when I add an IP to the CSF or iptables allow list and restart CSF / iptables so as to take effect, won't the existing users who already have access to Server1 have a break in their connection?
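An added example, not written by any poster in this thread: the allow list kept in its own chain behind an ESTABLISHED,RELATED rule, so single addresses can be added or removed at runtime without a restart and without cutting sessions that are already open. The IPT and CHAIN variables, the chain name ALLOWLIST and the function names are assumptions; the real commands need root.

```shell
#!/bin/sh
# Added example. IPT, CHAIN and all function names are assumptions.
IPT="${IPT:-iptables}"
CHAIN="${CHAIN:-ALLOWLIST}"

# The address comes from a web login script, so accept nothing but a
# dotted-quad IPv4 address (octets 0-255) before it reaches iptables.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# One-time setup. The accept rules go in before the policy flips to DROP.
init_firewall() {
    $IPT -w -N "$CHAIN" 2>/dev/null || true   # chain may already exist
    $IPT -w -A INPUT -i lo -j ACCEPT          # loopback traffic
    $IPT -w -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -w -A INPUT -j "$CHAIN"
    $IPT -w -P INPUT DROP
}

# Append the rule unless -C reports it is already there. It takes effect
# immediately; nothing is restarted or flushed.
allow_ip() {
    valid_ipv4 "$1" && valid_port "$2" || return 2
    $IPT -w -C "$CHAIN" -p tcp -s "$1" --dport "$2" -j ACCEPT 2>/dev/null ||
        $IPT -w -A "$CHAIN" -p tcp -s "$1" --dport "$2" -j ACCEPT
}

# Delete the rule. Sessions already open from that address stay up until
# they close, because the conntrack rule matches them first.
revoke_ip() {
    valid_ipv4 "$1" && valid_port "$2" || return 2
    $IPT -w -D "$CHAIN" -p tcp -s "$1" --dport "$2" -j ACCEPT
}
```

Rules added this way live only in the running kernel; they are lost on reboot unless saved, for example with iptables-save.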