I would suggest

iptables -F
iptables -A INPUT -s x.y.z.211/32 -j ACCEPT
iptables -A INPUT -s x.y.z.212/32 -j ACCEPT
....
iptables -A INPUT -s ! x.y.z.219/32 -j DROP

You may also need to include your own default router and DNS server in the accept list, otherwise you won't get out.

Peter

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Patrick Derwael
Sent: 15 September 2006 13:09
To: redhat-list@xxxxxxxxxx
Subject: iptables

Hi list,

I need some help with iptables.

I'm trying to block every access to one RHEL4 box (x.y.z.218), except from 9 IPs (x.y.z.211-219). Every port from the allowed range should reach x.y.z.218.

I've set up the following rules:

iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -s x.y.z.211 -j ACCEPT
...
iptables -A INPUT -s x.y.z.219 -j ACCEPT

With those rules, just everything is dropped, even connections coming from the authorized range.

What am I doing wrong here?

--
Web and Co
Patrick Derwael
Rue Hubert Larock, 20
4280 Hannut
email: pderwael@xxxxxxxxxxx
http://www.webandco.be

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
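
The source allowlist discussed in this thread, written out as an added example that is not part of either message: a generator that prints the rules for review instead of applying them. The function name `build_allowlist`, the loopback and ESTABLISHED,RELATED rules, and the 192.0.2 documentation prefix standing in for x.y.z are assumptions of this example.

```shell
#!/bin/sh
# Added example: prints an INPUT allowlist ruleset; it never calls iptables
# itself, so it runs without root and the output can be checked before use.

# build_allowlist PREFIX FIRST LAST   (hypothetical helper)
#   PREFIX  first three octets of the allowed hosts, e.g. 192.0.2
#   FIRST   lowest allowed host octet
#   LAST    highest allowed host octet
build_allowlist() {
    prefix=$1 first=$2 last=$3

    # PREFIX must be exactly three dot-separated runs of digits.
    case "$prefix" in
        *[!0-9.]*|*.*.*.*|.*|*.|*..*) echo "bad prefix: $prefix" >&2; return 1 ;;
        *.*.*) ;;
        *) echo "bad prefix: $prefix" >&2; return 1 ;;
    esac
    # FIRST and LAST must be digits only, in order, and at most 255.
    for n in "$first" "$last"; do
        case "$n" in ""|*[!0-9]*) echo "bad host octet: $n" >&2; return 1 ;; esac
    done
    if [ "$first" -gt "$last" ] || [ "$last" -gt 255 ]; then
        echo "bad range: $first-$last" >&2; return 1
    fi

    echo "iptables -F"
    echo "iptables -P OUTPUT ACCEPT"
    # Loopback, plus replies to connections this host opened (DNS lookups,
    # updates). With policy DROP and no such rule, those answers are discarded.
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    i=$first
    while [ "$i" -le "$last" ]; do
        echo "iptables -A INPUT -s $prefix.$i/32 -j ACCEPT"
        i=$((i + 1))
    done
    # DROP policies are emitted only after the ACCEPT rules exist.
    echo "iptables -P FORWARD DROP"
    echo "iptables -P INPUT DROP"
}

# Constructed sample: 192.0.2.211-219 stands in for x.y.z.211-219.
build_allowlist 192.0.2 211 219
```

Review the printed rules, then pipe them to `sh` as root to apply them.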