RE: port blocking


 



-----Original Message-----
From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Manish
Sent: 25 March 2005 13:00
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: port blocking

Hi,
 
I am having 5 network interface cards on my server, 2 connected to ethernet
and 3 connected to wireless. I am also running a webserver on port 10000 on
the same machine. I only wanted the users from eth1 to be able to connect to
my web server. Users from other interfaces, i.e. eth0, eth2, eth3 and eth4, will
not be able to connect to my web server. What iptables rule should I use?
 
Thanks.

		


iptables -A INPUT -i eth0 -p tcp --dport 10000 -j DROP
iptables -A INPUT -i eth2 -p tcp --dport 10000 -j DROP
iptables -A INPUT -i eth3 -p tcp --dport 10000 -j DROP
iptables -A INPUT -i eth4 -p tcp --dport 10000 -j DROP


and so on ..

But it's better if you go the other way around: set the policy to drop, and then
specify what to allow in.

Greets, Klemen
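
The default-drop approach suggested in the reply, as an added example that is not part of the original thread: a shell function that prints an iptables-restore ruleset accepting TCP port 10000 only on eth1. The function name, the loopback and conntrack rules, and the FORWARD/OUTPUT policies left at ACCEPT are assumptions; nothing is applied until the output is loaded with iptables-restore.

```shell
#!/bin/sh
# Added example: emit a default-drop INPUT ruleset in iptables-restore format.
# Nothing is applied here. Review the output, then load it as root with
#   iptables-restore < rules.v4
# Loading it replaces the whole filter table. Any other service on the box
# (SSH, for instance) needs its own ACCEPT line first or it becomes unreachable.

# allowlist_rules IFACE PORT   (hypothetical helper name)
#   IFACE: the only interface allowed to reach the service (eth1 in the thread)
#   PORT:  TCP port of the service (10000 in the thread)
allowlist_rules() {
    iface=$1
    port=$2

    # Accept only a plain interface name and a decimal port, so the
    # generated file can never contain extra rule text.
    case $iface in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    case $port in
        ''|0*|??????*|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    # Policy DROP covers eth0, eth2, eth3, eth4 and any interface added later,
    # which the per-interface DROP list cannot do.
    # Loopback and reply traffic are accepted so local and outbound
    # connections keep working under the DROP policy.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $iface -p tcp --dport $port -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the setup described in the thread.
allowlist_rules eth1 10000
```
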


