Re: hosts.deny vs iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 24 May 2006 14:27:20 -0400 Ed Kim <ed.kim@xxxxxxxxxxx> wrote:

> CodeHeads wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > On Wed, 24 May 2006 10:34:23 -0500 Bruno Wolff III <bruno@xxxxxxxx> wrote:
> > 
> >> On Wed, May 24, 2006 at 10:46:39 -0400,
> >>   CodeHeads <codeheads@xxxxxxxxx> wrote:
> >>> Ed,
> >>> Thank you, That what I was looking for to verify what I have learned so
> >>> far.
> >>>
> >>> Question on entering IP address in IPTables, say I want to add a range to
> >>> block the whole ip range of 10.0.0.0 (example of course)
> >>> Can I do this:
> >>> $iptables -A FORWARD -p tcp -s 10. -i eth0 -j DROP
> >>> OR
> >>> $iptables -A FORWARD -p tcp -s 10.* -i eth0 -j DROP
> >> Either
> >> $iptables -A FORWARD -p tcp -s 10.0.0.0/8 -i eth0 -j DROP
> >> or
> >> $iptables -A FORWARD -p tcp -s 10.0.0.0/255.0.0.0 -i eth0 -j DROP
> >> will work.
> > 
> > Thank you Bruno.  Just wanted to verify about the wild cards.
> > 
> > Sorry for all the questions, IP's confuse me a bit. :) LOL
> > Say if I have a range of 222.96.0.0 - 222.122.255.255
> > Is there a calculator that will tell me the netmask??
> > 
> > Will
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.3 (GNU/Linux)
> > 
> > iD8DBQFEdIKLfw3TK8jhZrsRAg9PAKDKEOBc+B6hV98Yk14O7pt55+YlJwCg4f1o
> > 3HgXuIWAXRXipVlCR7AR4c0=
> > =zm19
> > -----END PGP SIGNATURE-----
> > 
> 
> Just a few things...
> you are appending to the FORWARD chain in the above example... I'm 
> guessing that this is correct and the webserver is NAT'd?  otherwise 
> you'd want to edit the INPUT chain.
> 
> I also use netmasks, but there is the capability to modify ranges as 
> follows..
> 
> iptables -A FORWARD -m iprange --src-range 222.96.0.0-222.122.255.255 -j 
> DROP
> (syntax may not be correct, see man iptables)


Thanks Kim, I will check that out. :)

Will
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEdKpHfw3TK8jhZrsRAi0nAJ9ZjWYcXv6eaSS9czAJ55LBVL/HOgCgjGmX
o19+0jbZRt9fNkZNu3WnTgg=
=3cvF
-----END PGP SIGNATURE-----

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux