On 07/16/2011 09:11 AM, Jatin K wrote: > On Saturday 16 July 2011 02:22 PM, g wrote: >> On 07/16/2011 05:40 AM, Jatin K wrote: >>> On Saturday 16 July 2011 10:18 AM, g wrote: >>>> On 07/16/2011 04:25 AM, Jatin K wrote: >>>> <> >>>> >>>>> Sorry, that was my mistake :-( >>>> that happens. but does make things difficult to help. >>>> >>>>> actually I got the solution what was needed, from this list. >>>> and was so noted. wherein, a little more info would be nice. >>>> >>>> did blocking work with; >>>> >>>> [1] iptables -A INPUT ! -s 172.16.158.111 -p tcp --dport 21 -j DROP >>>> or >>>> [2] iptables -A INPUT -s ! 172.16.158.111 -p tcp --dport 21 -j DROP >>>> >>>> syntax tends to indicate that [2] is correct, as [1] would tend to >>>> indicate "NOT source". >>> >>> [2] worked for me >> >> this is what i recall having used, and more logical. >> >>> ...by the way we need to indicate ! like '!' ( in >>> single quote) >>> >>> iptables -A INPUT -s '!' 172.16.158.111 -p tcp --dport 21 -j DROP >> this is not as i recall using, nor is it as such in man page or in >> 'Red Hat Linux Firewalls'. >> >> in man page, when shown as an option, [!] is used. when in description, >> "!" is used. (with 2 exceptions) >> >> in 'Red Hat Linux Firewalls', examples are show without quotes. >> >> so, >> >> [1] did you find without single quote to not work and then tried >> with single quotes? >> > > without single quote like this[1] > [1] iptables -A INPUT ! -s 172.16.158.111 -p tcp --dport 21 -j DROP now you are trying to confuse me. :) because; }> On Saturday 16 July 2011 10:18 AM, g wrote: }> >> On 07/16/2011 04:25 AM, Jatin K wrote: }> >> <> }> >> }> >>>> Sorry, that was my mistake :-( }> >> that happens. but does make things difficult to help. }> >> }> >>>> actually I got the solution what was needed, from this list. }> >> and was so noted. wherein, a little more info would be nice. }> >> }> >> did blocking work with; }> >> }> >> [1] iptables -A INPUT ! -s 172.16.158.111 -p tcp --dport 21 -j DROP }> >> or }> >> [2] iptables -A INPUT -s ! 172.16.158.111 -p tcp --dport 21 -j DROP }> >> }> >> syntax tends to indicate that [2] is correct, as [1] would tend to }> >> indicate "NOT source". }> }> }> [2] worked for me ...by the way we need to indicate ! like '!' ( in }> single quote) }> }> iptables -A INPUT -s '!' 172.16.158.111 -p tcp --dport 21 -j DROP > on bash it seems like it tries to find out previously run command in my > cash it finds a command started with -s ( which fails as I've not run > any command which starts with -s ) what are you meaning by "on bash"? > but when I tried to put it like '!'... its good to go > > >> or, >> >> [2] are you using "echo" to send line to iptables? > > no just how are you enter new line into iptables? -- peace out. tc.hago, g . **** in a free world without fences, who needs gates. ** help microsoft stamp out piracy - give linux to a friend today. ** to mess up a linux box, you need to work at it. to mess up an ms windows box, you just need to *look* at it. ** The installation instructions stated to install Windows 2000 or better. So I installed Linux. ** learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/ ****
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
