iptables modification
Jim Parker
fedoralist at parkerhouse.homeunix.org
Mon Nov 8 23:17:45 UTC 2004
So add a "-s 192.168.0.0/32" to that line to specify that it has to come
from that network. Or you can put a "-i eth1" to specify that it has to
come in on eth1 device.
Jim
-----Original Message-----
From: fedora-list-bounces at redhat.com
[mailto:fedora-list-bounces at redhat.com] On Behalf Of Garcia, Steve
Sent: Monday, November 08, 2004 4:55 PM
To: For users of Fedora Core releases
Subject: RE: iptables modification
> Garcia, Steve wrote:
>
> >Yikes -- I actually DID use the correct port number. I don't know
where
> that
> >443 came from when I typed my question. :-0
> >
> >
> >
> >>-----Original Message-----
> >>
> >>Hi,
> >>
> >>I need to poke a hole in the firewall to allow access to a remote
Citrix
> >>(port 1494) server. I believe I've made the correct change. I
added
> this
> >>to
> >>/etc/sysconfig/iptables
> >>
> >>-A firewall-chain-name -m state --state NEW -m tcp -p tcp --dport
443 -
> j
> >>ACCEPT
> >>
> >>Other than "does it work", which I'm waiting for the someone to
answer,
> >>I'd
> >>like to see what is going on with iptables and check that this port
> shows
> >>up
> >>as being passed.
> >>
> >>How can I see a summary of what iptables is currently doing?
> >>
> >>Iptables -L -v -n
> >>Didn't give me what I expected -- a list of ports being passed.
> >>
> >>Steve
> >>
> >>
> >>--
> >>fedora-list mailing list
> >>fedora-list at redhat.com
> >>To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
> >>
> >>
> >
> >
> >
> It would also be usefull/more secure if you could specify a source IP
> address that the connection can come from.
>
> Does your "some one" have a static IP address?
>
> Doug
Yeah, but I'd like it to work for the entire internal masq'd network:
192.168.0
--
fedora-list mailing list
fedora-list at redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
More information about the users
mailing list