Re: doubt about ip ranges


 



On Fri, 2003-06-13 at 20:08, Leonardo Borda wrote:
> Hello,
> 
> 	I have a network 192.168.25.0 and I need to specify the following rules:
> 
> 	192.168.24.1 to 192.168.25.33 -> just should have HTTP access.
> 	192.168.24.34 to 192.168.25.133 -> just should have FTP access.
> 	192.168.24.134 to 192.168.25.254 -> just SSH access.
> 
> 	I could do it using a for loop and creating one rule each time for each IP
> address. But I think this is not the best solution.
> 
> 	I tried using: iptables -A FORWARD -p tcp -s 192.168.25.1-33 ... but was
> not successful.
> 
> 	Is there any way to make this work?
> 
> 	Thanks!

If you are able to modify the ranges slightly, you could use this:

# 192.168.25.0-31 allowed HTTP
iptables -A FORWARD -s 192.168.25.0/27 -p tcp --dport 80 -j ACCEPT

# 192.168.25.32-63 allowed FTP
iptables -A FORWARD -s 192.168.25.32/27 -p tcp --dport 21 -j ACCEPT

# 192.168.25.64-127 allowed FTP
iptables -A FORWARD -s 192.168.25.64/26 -p tcp --dport 21 -j ACCEPT

# 192.168.25.128-255 allowed SSH
iptables -A FORWARD -s 192.168.25.128/25 -p tcp --dport 22 -j ACCEPT

j


> Regards,
> 
> Leonardo Borda
> Netwall Tecnologia e Projetos - http://www.netwall.com.br
> Phone/Fax: +55 51 3235.2868
> Mobile:    +55 51 9914.3039
> mailto:borda@xxxxxxxxxxxxxx
> 
> 				/**  Building technology solutions focused on your business  **/
> 
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.488 / Virus Database: 287 - Release Date: 5/6/2003
> 
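
The reply above sidesteps the problem by moving the ranges onto CIDR boundaries. When the ranges cannot be moved, each one can still be covered exactly by a few CIDR blocks. The script below is an added example, not part of the original thread: it assumes all three ranges lie inside 192.168.25.0/24, its function names are its own, and it only prints the iptables commands.

```sh
#!/bin/sh
# Added example: split an inclusive IPv4 range into the fewest CIDR blocks
# and print (not execute) one iptables rule per block.

ip_to_int() {   # dotted quad -> integer
    set -- $(echo "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {   # integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

range_to_cidrs() {   # first_ip last_ip -> one CIDR per line
    start=$(ip_to_int "$1"); end=$(ip_to_int "$2")
    while [ "$start" -le "$end" ]; do
        bits=0   # host bits of the block that begins at $start
        while [ "$bits" -lt 32 ]; do
            size=$(( 1 << (bits + 1) ))
            # Stop growing when start is not aligned to the larger block...
            [ $(( start % size )) -eq 0 ] || break
            # ...or when the larger block would run past the end of the range.
            [ $(( start + size - 1 )) -le "$end" ] || break
            bits=$(( bits + 1 ))
        done
        echo "$(int_to_ip "$start")/$(( 32 - bits ))"
        start=$(( start + (1 << bits) ))
    done
}

rules_for_range() {   # first_ip last_ip tcp_dport -> iptables commands on stdout
    for cidr in $(range_to_cidrs "$1" "$2"); do
        echo "iptables -A FORWARD -s $cidr -p tcp --dport $3 -j ACCEPT"
    done
}

# Ranges from the question, read as 192.168.25.x (assumption).
rules_for_range 192.168.25.1   192.168.25.33  80   # HTTP
rules_for_range 192.168.25.34  192.168.25.133 21   # FTP
rules_for_range 192.168.25.134 192.168.25.254 22   # SSH
```

The exact ranges expand to 6, 7 and 10 rules respectively, against four rules for the rounded ranges in the reply.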



