On Wed, 2003-02-26 at 17:33, Bob wrote:
> Or better yet, how do I allow a specific IP address access to a port
> like SSH? I want to deny all access to ports on a system that I manage
> except for specific addresses.
>

To specifically allow only one IP address access to a specific port on
the machine running iptables use an input rule:

    iptables -A INPUT -p tcp --dport 22 -s 10.0.0.100 -j ACCEPT

This assumes that your default policy for INPUT is DROP (or REJECT), or
this rule comes before any rule that would drop this traffic. 10.0.0.100
is your client machine.

> Thanks!
> Bob

--
Raymond Leach
Knowledge Factory
Tel: +27 11 445 8100
Fax: +27 11 445 8101
http://www.knowledgefactory.co.za/
http://www.saptg.co.za/
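Added example, not part of the original message: a check of the two assumptions named in the reply (a dropping default and rule order), run over the text that `iptables -S INPUT` prints. The function name check_ssh_allow, its four verdict words and the sample rulesets are constructed for illustration.

```shell
# Added example: audit `iptables -S INPUT` output (stdin) for a single-source
# allow rule. Prints ok, shadowed, open or missing. Assumption: rules with
# extra matches (-i, -d, another -s, a -m module other than tcp) are skipped.
check_ssh_allow() {   # usage: check_ssh_allow IP PORT < ruleset
    awk -v ip="$1" -v port="$2" '
    function opt(name,   i) {            # value that follows option "name"
        for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
        return ""
    }
    function conditional(   i) {         # 1 if the rule has extra matches
        for (i = 1; i < NF; i++)
            if ($i == "-s" || $i == "-d" || $i == "-i" ||
                ($i == "-m" && $(i + 1) != "tcp")) return 1
        return 0
    }
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
        src = opt("-s"); dport = opt("--dport"); target = opt("-j"); proto = opt("-p")
        if (proto != "" && proto != "tcp") next
        if (target == "ACCEPT" && dport == port && (src == ip || src == (ip "/32"))) {
            if (!allow) allow = NR       # first rule admitting the client
            next
        }
        if (conditional() || (dport != "" && dport != port)) next
        if (target == "DROP" || target == "REJECT") { if (!block) block = NR }
        else if (target == "ACCEPT" && !block) wide = 1   # port open to all
    }
    END {
        if (!allow)                        print "missing"
        else if (block && block < allow)   print "shadowed"
        else if (wide || (policy != "DROP" && !block)) print "open"
        else                               print "ok"
    }'
}

# Constructed sample rulesets, in the format `iptables -S INPUT` prints.
GOOD='-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.0.0.100/32 -p tcp -m tcp --dport 22 -j ACCEPT'
SHADOWED='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j DROP
-A INPUT -s 10.0.0.100/32 -p tcp -m tcp --dport 22 -j ACCEPT'
OPEN='-P INPUT ACCEPT
-A INPUT -s 10.0.0.100/32 -p tcp -m tcp --dport 22 -j ACCEPT'
for rs in "$GOOD" "$SHADOWED" "$OPEN"; do
    printf '%s\n' "$rs" | check_ssh_allow 10.0.0.100 22
done
```

On a live host the input would come from `iptables -S INPUT | check_ssh_allow 10.0.0.100 22`, run as root.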