[SOLVED by '!'] how to specify IP not equal to in iptables rules ????
Jatin K
ssh.fedora at gmail.com
Fri Jul 15 04:33:57 UTC 2011
On Thursday 14 July 2011 06:37 PM, Robert Nichols wrote:
> On 07/14/2011 07:48 AM, Jatin K wrote:
>> Dear All Gurus,
>>
>> I want to deny a particular IP (172.16.158.111) address in my network to
>> FTP on server (RHEL6), I'm trying to add the following[1][2] iptables
>> rules on server and getting error [3]
>>
>>
>> [1] iptables -A INPUT -s! 172.16.158.111 -p tcp --dport 21 -j DROP
>> [2] iptables -A INPUT -s! 172.16.158.111 -p tcp --dport 20 -j DROP
>>
>> [3] Using intrapositioned negation (`--option ! this`) is deprecated in
>> favor of extrapositioned (`! --option this`).
>>
>>
>> if I try following [4] it throws error like " bash: !172: event not
>> found " (I think it tries to recall a command from history ..may be not
>> sure )
>>
>> [4] iptables -A INPUT -s !172.16.158.111 -p tcp --dport 21 -j DROP
>>
>>
>> So how to go ...??? and any one guide to the right direction ????? how
>> do I add a rule like IP or the PORTs is not equal to ?
> The exclamation point needs to be followed by white space to keep the shell
> from trying to interpret it. The recommended syntax is to put the '!'
> _before_ the option flag:
>
> iptables -A INPUT ! -s 172.16.158.111 -p tcp --dport 21 -j DROP
>
'!' Solved my problem
Thank you very very much all of you
Warm Regards
--
°v°
/(_)\
^ ^ Jatin Khatri
Registered Linux user No #501175
www.counter.li.org
No M$
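
Added example, not part of the original thread: a small shell helper that finds the deprecated intrapositioned negation reported in [3] and rewrites it to the `! --option value` form recommended in the reply. The function names and the sample rules are constructed for illustration; the quoted here-document also keeps `!` away from interactive history expansion.

```bash
# Added example (not from the thread). Function names and the sample
# rules below are constructed for illustration.

# Pattern for the deprecated form: an option immediately followed by '!'
# and then a value, e.g. `-s ! ADDR`, `-s! ADDR`, `-s !ADDR`, `--dport ! 21`.
# The value may not start with '-', so `--syn ! -s ADDR` (already correct:
# the '!' belongs to the following option) is left alone.
DEPRECATED_NEG='(^|[[:space:]])(--?[A-Za-z][A-Za-z-]*)[[:space:]]*![[:space:]]*([^-[:space:]][^[:space:]]*)'

# has_deprecated_negation RULE -> exit status 0 if RULE uses the old form
has_deprecated_negation() {
    printf '%s\n' "$*" | grep -Eq "$DEPRECATED_NEG"
}

# fix_negation RULE -> prints RULE with each '!' moved in front of its option
fix_negation() {
    printf '%s\n' "$*" | sed -E 's/'"$DEPRECATED_NEG"'/\1! \2 \3/g'
}

# Constructed sample rules: forms [1] and [4] from the post, a port negation,
# and a rule that is already in the recommended form.
while IFS= read -r rule; do
    if has_deprecated_negation "$rule"; then
        printf 'old: %s\nnew: %s\n' "$rule" "$(fix_negation "$rule")"
    else
        printf 'ok:  %s\n' "$rule"
    fi
done <<'EOF'
iptables -A INPUT -s! 172.16.158.111 -p tcp --dport 21 -j DROP
iptables -A INPUT -s !172.16.158.111 -p tcp --dport 21 -j DROP
iptables -A INPUT -p tcp --dport ! 21 -j DROP
iptables -A INPUT ! -s 172.16.158.111 -p tcp --dport 21 -j DROP
EOF
```

A rule of the form `! -s 172.16.158.111 ... -j DROP` matches packets from every source except 172.16.158.111; a rule that drops only that one host uses `-s 172.16.158.111` without `!`.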