iptables question

Ashley M. Kirchner ashley at pcraft.com
Sat Feb 17 20:18:37 UTC 2007


    Is there a way to tell iptables specifically what networks to have a 
port open for?  Let's see if I can explain it better:

    I run an internal NFS server that's available to all internal 
machines (private IPs), and to 1 external server elsewhere (with a 
public IP).  I know I can use hosts.deny and hosts.allow to specifically 
tell the daemons who to allow to connect, but I'm wondering if I can do 
the same kind of fine-grained control with iptables?  Basically, if I 
run nmap against the NFS server's public IP, I don't want it to show 
that NFS is running, however if I run nmap from the remote client, I 
should be able to see it.  The same if I run nmap from (another) remote 
location versus if I run it from within the network.  The latter 
scenario is the only time I want to see that the nfs port is open.

    Is this possible?

-- 
H | It's not a bug - it's an undocumented feature.
  +--------------------------------------------------------------------
  Ashley M. Kirchner <mailto:ashley at pcraft.com>   .   303.442.6410 x130
  IT Director / SysAdmin / Websmith             .     800.441.3873 x130
  Photo Craft Imaging                       .     3550 Arapahoe Ave. #6
  http://www.pcraft.com ..... .  .    .       Boulder, CO 80303, U.S.A. 
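An added example of the iptables side of this (not from the poster, nor from any reply on the list): a small sh script that builds a dedicated chain for the NFS ports, accepts only the internal subnet and the one external client by source address (`-s`), and drops everything else. The addresses, the port list and the chain name are assumed placeholders. With `DROP`, an nmap scan from anywhere else reports the port as `filtered` rather than `open`; `REJECT` would report it as `closed`. Either way it is not shown as open, which is what the question asks for. hosts.allow/hosts.deny can stay in place as a second layer; the two do not conflict.

```sh
#!/bin/sh
# Added example, not part of the original post: limit the NFS-related ports so
# that only the internal private subnet and one external client can reach them.
# Everything else is DROPped, so an nmap scan from anywhere else reports the
# port as "filtered" rather than "open".
#
# All addresses and ports below are assumed placeholders; adjust to taste.
INTERNAL_NET="${INTERNAL_NET:-192.168.1.0/24}"        # assumed private LAN
EXTERNAL_CLIENT="${EXTERNAL_CLIENT:-203.0.113.10/32}" # assumed remote client (documentation address)
# 2049 is nfsd, 111 is the portmapper. With NFSv3, mountd/statd/lockd pick
# random ports unless pinned (MOUNTD_PORT, STATD_PORT, LOCKD_TCPPORT and
# LOCKD_UDPPORT in /etc/sysconfig/nfs on Red Hat-style systems); pin them,
# then add those ports to this list as well.
NFS_PORTS="${NFS_PORTS:-2049 111}"
IPT="${IPT:-iptables}"   # set IPT=echo to print the rules instead of loading them

nfs_firewall_rules() {
    # A dedicated chain keeps the NFS policy in one place and lets it be
    # reloaded without touching the rest of INPUT.
    $IPT -N NFS_ACCESS 2>/dev/null || $IPT -F NFS_ACCESS
    # Permitted sources.
    $IPT -A NFS_ACCESS -s "$INTERNAL_NET"    -j ACCEPT
    $IPT -A NFS_ACCESS -s "$EXTERNAL_CLIENT" -j ACCEPT
    # Default for the chain: silently drop (use -j REJECT if a "closed"
    # answer is preferred over a "filtered" one).
    $IPT -A NFS_ACCESS -j DROP
    # Steer NFS traffic, TCP and UDP, into the chain.
    for port in $NFS_PORTS; do
        for proto in tcp udp; do
            $IPT -A INPUT -p "$proto" --dport "$port" -j NFS_ACCESS
        done
    done
}

case "${1:-}" in
    apply) nfs_firewall_rules ;;                 # load the rules (run as root)
    show)  (IPT=echo; nfs_firewall_rules) ;;    # dry run: print the rules
esac
```

`sh nfs-rules.sh show` prints the rules for review; `apply` loads them. The jump rules are appended to INPUT with `-A`, so if INPUT already ends in a blanket `-j ACCEPT` they must be inserted ahead of it with `-I` instead, otherwise the earlier accept wins and the chain is never consulted. Verify from each vantage point afterwards with nmap, exactly as described in the question.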
