Hello, As I see increased scans on my IP address, I want to limit access to only predetermined IP address ranges for certain services - Is the following the correct way to do this? <snip> # (Part A) Rules for incoming packets from Internet # Packets for established connections iptables -A INPUT -p ALL -d $ETH0_IP -m state --state ESTABLISHED,RELATED -j ACCEPT # (Part B) TCP Rules iptables -A INPUT -p TCP -i eth0 -s 123.45.1.1 --destination-port 21 -j okay # userA iptables -A INPUT -p TCP -i eth0 -s 123.45.0/16 --destination-port 22 -j okay #users A - Z </snip> So I understand - ONLY User A can ftp, and all those in 123.45. can ssh , BUT no-one else on the Internet can request services ? Thanks in advance Kate _______________________________ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com
