-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 25 Feb 2003 09:07:30 +0930, Iain Buchanan wrote: > On Tue, 2003-02-25 at 03:19, Leonard Miller wrote: > > How do I allow incoming http port 80 from only one machine and > > deny all others? Is it easy to turn off when testing is finished? > > To make it more permanent, put in /etc/sysconfig/iptables something like > this (note the default policy is drop, and packets are logged so you can > see who's being bounced). - -snip- Editing /etc/sysconfig/iptables is not such a good idea because it might trigger bugs in iptables' parser. Shouldn't happen too often. But also with regard to type errors, I wouldn't edit the file manually. The format of the file is the output of "iptables-save" and the input of "iptables-restore". Hence I recommend you insert rules on the command-line or with an ordinary shell script and then run "service iptables save" to save them to /etc/sysconfig/iptables. Then the rest applies what Iain has written. - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+Wz1Q0iMVcrivHFQRAqOTAJ9xpU5zuBj7x7zEjMwv7iK1gCKsKACbBWA1 RwlflQBczkjIDlgsxRY/gpc= =mcuX -----END PGP SIGNATURE----- -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
