-----Original Message-----
From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Manish
Sent: 25 March 2005 13:00
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: port blocking

Hi,

I have 5 network interface cards on my server, 2 connected to ethernet and 3 connected to wireless. I am also running a webserver on port 10000 on the same machine. I only want the users from eth1 to be able to connect to my web server. Users from the other interfaces, i.e. eth0, eth2, eth3 and eth4, will not be able to connect to my web server. What iptables rule should I use?

Thanks.

iptables -A INPUT -i eth0 -p tcp --dport 10000 -j DROP
iptables -A INPUT -i eth2 -p tcp --dport 10000 -j DROP
iptables -A INPUT -i eth3 -p tcp --dport 10000 -j DROP
iptables -A INPUT -i eth4 -p tcp --dport 10000 -j DROP

and so on ..

But it's better if you go the other way around: set the policy to drop, and then specify what to allow in.

Greets,
Klemen
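
Added example, not part of the original thread: the default-drop approach suggested in the reply, written as an `iptables-restore` ruleset so that an interface added later is blocked without a new rule. The helper name `gen_ruleset` and the loopback and established-connection rules are assumptions; `eth1` and port 10000 come from the question.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset in which INPUT defaults to DROP and only
# one interface may reach one TCP port. gen_ruleset is a hypothetical helper.

gen_ruleset() {
    iface=$1
    port=$2

    # Accept only a plain interface name and a numeric port, so the
    # arguments cannot smuggle extra rule text into the generated file.
    case $iface in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    # INPUT policy DROP covers eth0, eth2, eth3, eth4 and any future NIC.
    # Loopback and replies to connections the host itself opened stay allowed;
    # without them local services and outbound traffic break under DROP.
    # FORWARD and OUTPUT are left at ACCEPT: the question is about INPUT only.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $iface -p tcp --dport $port -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the setup in the question. As root, check the syntax
# without loading it by piping this output to: iptables-restore --test
# Loading it for real replaces the current filter table, and every other
# inbound service (SSH, for instance) needs its own ACCEPT line first.
gen_ruleset eth1 10000
```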