Great! This helps!! Thanks a lot!!

Rohit

On Mon, Oct 20, 2008 at 3:45 PM, Stephen Gilbert <linuxelf@xxxxxxxxx> wrote:

> You can either set your default policy to drop
>
> iptables -P INPUT DROP
>
> This would drop all packets from all servers by default. Then the
>
> iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT
>
> would accept only packets from machine_A into Oracle.
>
> You may want to add a few more ports, such as 22 for ssh access.
>
> Alternately, you could add
>
> iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT
> iptables -A INPUT -p tcp --dport 1521 -j DROP
>
> Basically, this says machine A can hit 1521, but anyone else that
> tries, just drop the packet.
>
> Rohit khaladkar wrote:
> > Thanks Geoff!! This would definitely help. So can there not be a master
> > rule which would prevent all IP addresses except one (machine A)?
> > Thanks!
> > Rohit
> >
> > On Mon, Oct 20, 2008 at 2:07 PM, Geofrey Rainey
> > <Geofrey.Rainey@xxxxxxxxxx> wrote:
> >
> >> You want something like this:
> >>
> >> iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT
> >>
> >> This rule means allow access to port 1521 from IP machine_A.
> >> Of course this rule alone will not prevent all-and-sundry from
> >> connecting to the server on any port, so you'll need to add
> >> many more rules to secure your server.
> >>
> >> Regards,
> >> Geoff.
> >>
> >> -----Original Message-----
> >> From: redhat-list-bounces@xxxxxxxxxx
> >> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Rohit khaladkar
> >> Sent: Monday, 20 October 2008 8:10 p.m.
> >> To: General Red Hat Linux discussion list
> >> Subject: Restrict access to a particular server.
> >>
> >> Hi All, I have two machines with Red Hat Linux 5.2 installed, of which one
> >> is a database server running Oracle 10.0.4 on it. I need an iptables rule
> >> which would make sure that only the other machine would have access to
> >> it.
> >>
> >> For eg: If I have two machines, machine A and machine B, of which
> >> machine B is a database server, can I set up an iptables rule on machine B,
> >> which would allow access to the database only by machine A.
> >>
> >> Please help.
> >>
> >> Thanks!
> >> Rohit Khaladkar
> >> --
> >> redhat-list mailing list
> >> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
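
The default-drop approach from the thread, written as an added example (not code from any of the posters): a shell function that emits a complete `iptables-restore` ruleset for machine B, so the DROP policy and the ACCEPT rules load in one commit instead of the policy cutting off a remote session before the exceptions exist. The function names, the addresses (documentation ranges) and the choice to limit SSH to an admin network are assumptions.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset for the Oracle host (machine B).
# Function names and sample addresses are hypothetical, not from the thread.

# is_ipv4 ADDR -> exit 0 if ADDR looks like a dotted quad, optionally with /prefix.
# Syntactic check only; it keeps hostnames and shell metacharacters out of the rules.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

# gen_rules DB_CLIENT ADMIN_NET -> prints the ruleset on stdout; returns 1 on bad input.
gen_rules() {
    db_client=$1
    admin_net=$2
    is_ipv4 "$db_client" || { echo "bad client address: $db_client" >&2; return 1; }
    is_ipv4 "$admin_net" || { echo "bad admin network: $admin_net" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $admin_net -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -s $db_client -p tcp --dport 1521 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Constructed sample values: machine A = 192.0.2.10, admin network = 198.51.100.0/24.
# This only prints the ruleset; after review, pipe it to iptables-restore as root.
gen_rules 192.0.2.10 198.51.100.0/24
```

The loopback and ESTABLISHED,RELATED rules are there because a bare `-P INPUT DROP` also discards local traffic and the replies to connections the server itself opens.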