how to specify IP not equal to in iptables rules ????

g geleem at bellsouth.net
Thu Jul 14 13:42:28 UTC 2011


On 07/14/2011 12:48 PM, Jatin K wrote:

> So how to go ...??? and anyone guide to the right direction ????? how
> do I add a rule like IP or the PORTs is not equal to ?


when using the negation, "!", you need to use a <space> before and after,
such as;

   iptables -A INPUT -s ! 172.16.158.111 -p tcp --dport 21 -j DROP
   iptables -A INPUT -s ! 172.16.158.111 -p tcp --dport 20 -j DROP


do note that negation, in effect, means 'not' or 'other than'.

so, above would 'DROP' if not '172.16.158.111'.

therefore, try without "!".

as i have not used "!" in some time, and do not recall how/why, i may be in
error on this, and i am basing this on what is shown in 'iptables' man page
and what is written in publication;

  Red Hat Linux Firewalls, ISBN 0-7645-2463-1
  published by Wiley Publishing, Inc.
  Copyright 2003 by Red Hat, Inc.


hth.
-- 

peace out.

tc.hago,

g
.

****
in a free world without fences, who needs gates.
**
help microsoft stamp out piracy - give linux to a friend today.
**
to mess up a linux box, you need to work at it.
to mess up an ms windows box, you just need to *look* at it.
**
The installation instructions stated to install Windows 2000 or better.
So I installed Linux.
**
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/
****
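
Added example, not part of the original message: current iptables man pages document source negation as "[!] -s address", with the "!" placed before the option rather than between the option and its value. The sketch below rewrites the older placement used in the rules above into that form; the function names and the sample rule lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): rewrite "option ! value"
# negation into the "! option value" form.

# fix_negation: read rule lines on stdin, write converted lines on stdout.
# A match needs an option (-s, -d, -p, --dport, ...), then a stand-alone
# "!", then a value that does not start with "-". That last condition
# keeps rules already in the new form intact, e.g. "--syn ! -s ADDR",
# where the "!" belongs to the option that follows it.
fix_negation() {
    sed -E 's/(^|[[:space:]])(--?[A-Za-z][A-Za-z-]*)[[:space:]]+![[:space:]]+([^-[:space:]])/\1! \2 \3/g'
}

# Constructed sample input: the two rules from the message, one rule that
# is already in the new form, and one that negates a port instead of an
# address.
sample_rules() {
    cat <<'EOF'
iptables -A INPUT -s ! 172.16.158.111 -p tcp --dport 21 -j DROP
iptables -A INPUT -s ! 172.16.158.111 -p tcp --dport 20 -j DROP
iptables -A INPUT ! -s 172.16.158.111 -p tcp --dport 21 -j DROP
iptables -A INPUT -p tcp --dport ! 22 -j DROP
EOF
}

# Print the converted rules for review; nothing is loaded into the kernel.
sample_rules | fix_negation
```

The converted rules keep the meaning described in the message: a packet to port 20 or 21 is dropped when its source is anything other than 172.16.158.111.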
