Re: simple config question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 27 Mar 2004, Eric McAfee wrote:

> I need to know the iptables command that would restrict all access to my server except for my computer's Dreamweaver program and ccbill's access to my password file. I know it would be some variation of:
> iptables -A INPUT -i ppp0 -p tcp --syn -j DROP

Hi,
what  you're going  to do  is drop  every new  TCP connection  to your
interface ppp0.

What you want to to should be something like that

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -s 127.0.0.1 -j ACCEPT

iptables -A INPUT -s $MACHINE -j ACCEPT
iptables -A OUTPUT -s $MACHINE -j ACCEPT

$machine is your machine IP address.

regards
Frederic
--
http://www.seclab.jp

Attachment: pgp00837.pgp
Description: PGP signature


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux