On Fri, 2003-06-13 at 20:08, Leonardo Borda wrote:
> Hello,
>
> I have a network 192.168.25.0 and I need to specify the following rules:
>
> 192.168.24.1 to 192.168.25.33 -> just should have HTTP access.
> 192.168.24.34 to 192.168.25.133 -> just should have FTP access.
> 192.168.24.134 to 192.168.25.254 -> just SSH access.
>
> I could do it using a for loop and creating one rule each time for each IP
> address. But I think this is not the best solution.
>
> I tried using: iptables -A FORWARD -p tcp -s 192.168.25.1-33 ... but was
> not successful.
>
> Is there any way to make this work?
>
> Thanks!

If you are able to modify the ranges slightly, you could use this:

# 192.168.25.0-31 allowed HTTP
iptables -A FORWARD -s 192.168.25.0/27 -p tcp --dport 80 -j ACCEPT

# 192.168.25.32-63 allowed FTP
iptables -A FORWARD -s 192.168.25.32/27 -p tcp --dport 21 -j ACCEPT

# 192.168.25.64-127 allowed FTP
iptables -A FORWARD -s 192.168.25.64/26 -p tcp --dport 21 -j ACCEPT

# 192.168.25.128-255 allowed SSH
iptables -A FORWARD -s 192.168.25.128/25 -p tcp --dport 22 -j ACCEPT

j

> Regards,
>
> Leonardo Borda
> Netwall Tecnologia e Projetos - http://www.netwall.com.br
> Phone/Fax: +55 51 3235.2868
> Mobile: +55 51 9914.3039
> mailto:borda@xxxxxxxxxxxxxx
>
> /** Building technology solutions focused on your business **/
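
The following is an added example, not part of the original thread: it splits the ranges from the question into exact CIDR blocks (one iptables rule per block, no per-address loop) and lists every address whose allowed port differs under the rounded blocks from the reply. It assumes all ranges lie in 192.168.25.x; the function names are illustrative.

```python
import ipaddress

# Ranges from the question (assumed to be 192.168.25.x throughout).
REQUESTED = [
    ("192.168.25.1", "192.168.25.33", 80),     # HTTP
    ("192.168.25.34", "192.168.25.133", 21),   # FTP
    ("192.168.25.134", "192.168.25.254", 22),  # SSH
]
# Blocks from the reply, rounded to CIDR boundaries.
ROUNDED = [
    ("192.168.25.0/27", 80),
    ("192.168.25.32/27", 21),
    ("192.168.25.64/26", 21),
    ("192.168.25.128/25", 22),
]

def exact_rules(ranges=REQUESTED):
    """One rule per CIDR block; the blocks cover each range exactly."""
    rules = []
    for first, last, port in ranges:
        blocks = ipaddress.summarize_address_range(
            ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))
        for net in blocks:
            rules.append(
                f"iptables -A FORWARD -s {net} -p tcp --dport {port} -j ACCEPT")
    return rules

def _requested_ports(ranges):
    ports = {}
    for first, last, port in ranges:
        lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
        for n in range(lo, hi + 1):
            ports[ipaddress.IPv4Address(n)] = port
    return ports

def _rounded_ports(blocks):
    # Iterating a network yields every address, network/broadcast included.
    return {addr: port for cidr, port in blocks
            for addr in ipaddress.ip_network(cidr)}

def policy_drift(ranges=REQUESTED, blocks=ROUNDED):
    """Map address -> (requested port, rounded port) wherever the two differ."""
    want, got = _requested_ports(ranges), _rounded_ports(blocks)
    return {str(a): (want.get(a), got.get(a))
            for a in sorted(set(want) | set(got))
            if want.get(a) != got.get(a)}

if __name__ == "__main__":
    print("\n".join(exact_rules()))
    for addr, (want, got) in policy_drift().items():
        print(f"{addr}: requested port {want}, rounded rules allow {got}")
```

The exact split needs 23 rules against the reply's 4; the drift list shows which hosts that shorter rule set treats differently.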