On Thu, 2004-06-10 at 13:39, Jonathan Villa wrote:
> I have a machine running mysql only.
>
> I want to allow connections on ports 3306, 22, and 80 for a group of ip
> address.
>
> Some will be from the block, others are dispersed.
>
> Will I know how to allow block of ips, and how to allow a single ip, how
> would I combine the 2?
>
> My assumption is this
>
> 1. create an array of the single ip addresses.
> 2. loop through the array printing an iptables command which will allow
> access on those ports to the loop index.
> 3. hardcode the ip block xx.xxx.xx.0/24
>
> Am I correct so far?

You may find the iprange patch from patch-o-matic helpful if you have
contiguous addresses that do not break evenly into a subnet. If you do
not want to patch, SubnetCreator (http://subnetcreator.sourceforge.net)
will turn the contiguous range into a group of subnets.

--
John A. Sullivan III
Chief Technology Officer
Nexus Management
+1 207-985-7880
john.sullivan@xxxxxxxxxxxxx
---
If you are interested in helping to develop a GPL enterprise class
VPN/Firewall/Security device management console, please visit
http://iscs.sourceforge.net
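The approach discussed in this thread (single addresses, a /24 block, and a contiguous range that does not fall on a subnet boundary), sketched as an added example that is not part of the original messages. The function names and the sample addresses (RFC 5737 documentation ranges) are constructed for illustration, and the generated rules assume the iptables `multiport` match is available.

```python
import ipaddress

PORTS = (22, 80, 3306)  # the three ports named in the question


def range_to_cidrs(first, last):
    """Split an inclusive contiguous IPv4 range into the minimal CIDR blocks."""
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if lo > hi:
        raise ValueError(f"range start {lo} is above range end {hi}")
    return list(ipaddress.summarize_address_range(lo, hi))


def build_rules(sources, ports=PORTS, chain="INPUT"):
    """Return one iptables ACCEPT rule per source network.

    Each source is a single IP, a CIDR block, or a 'first-last' range.
    """
    nets = []
    for src in sources:
        if "-" in src:
            first, last = (part.strip() for part in src.split("-", 1))
            nets.extend(range_to_cidrs(first, last))
        else:
            # strict=True rejects typos such as 192.0.2.5/24 (host bits set)
            nets.append(ipaddress.IPv4Network(src, strict=True))
    # Merge overlapping or adjacent entries so the chain stays short
    nets = list(ipaddress.collapse_addresses(nets))
    dports = ",".join(str(p) for p in ports)
    return [
        f"iptables -A {chain} -p tcp -s {net} "
        f"-m multiport --dports {dports} -j ACCEPT"
        for net in nets
    ]


if __name__ == "__main__":
    # Constructed sample input: one block, one single host, one uneven range
    allowed = ["192.0.2.0/24", "198.51.100.7", "203.0.113.10-203.0.113.20"]
    for rule in build_rules(allowed):
        print(rule)
```

The script only prints the commands; review the output and finish the chain with a default DROP policy or a final DROP rule, otherwise the ACCEPT rules restrict nothing.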