[SOLVED by '!'] how to specify IP not equal to in iptables rules ????

Reindl Harald h.reindl at thelounge.net
Fri Jul 15 09:52:39 UTC 2011



On 15.07.2011 11:46, Jatin K wrote:
> On Friday 15 July 2011 03:10 PM, James Hogarth wrote:
>>
>>>
>>> '!' Solved my problem
>>
>> Really? Because what you have there is the opposite of that which you 
>> stated you were trying to accomplish in your first post.
>>
>> Now that IP is the only IP that can access your FTP server and all 
>> others get dropped.
>>
> yes, and that's what I wanted. Only the specified IP can ftp to the server

why did you not say this at the beginning?

sorry, but first opening a port and after that dropping all except
one IP is a really ugly style no one should use in production

why do you not simply open the port only for the IP you want?
this way you can also open it for 2, 3, 4 IPs later
iptables -A INPUT -p tcp -s source-ip --dport 21 -j ACCEPT

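An added example, not part of the original message or thread: a small shell model of iptables first-match evaluation for TCP port 21, showing why one ACCEPT rule per source IP extends to 2, 3, 4 addresses while the '!' style does not. The addresses (documentation ranges), the function names and the exact form of the negated rule are assumptions.

```shell
#!/bin/sh
# Added example: models first-match rule evaluation for TCP port 21 only.
# All addresses are constructed (RFC 5737 documentation ranges).

# Style A (allow-list): one "-s IP --dport 21 -j ACCEPT" rule per IP;
# anything else to port 21 is dropped (assumed policy or final DROP rule).
verdict_allowlist() {
    src=$1; shift
    for ip in "$@"; do
        if [ "$src" = "$ip" ]; then echo ACCEPT; return 0; fi
    done
    echo DROP
}

# Style B (negation, assumed form): port 21 is open, preceded by one
# "! -s IP --dport 21 -j DROP" rule per IP. The first rule whose address
# differs from the source drops the packet.
verdict_negated() {
    src=$1; shift
    for ip in "$@"; do
        if [ "$src" != "$ip" ]; then echo DROP; return 0; fi
    done
    echo ACCEPT
}

# Print allow-list rules in the form shown in the message. Arguments that
# are not dotted-quad shaped are rejected (octet ranges are not checked).
emit_allowlist() {
    for ip in "$@"; do
        if ! printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
            echo "not an IPv4 address: $ip" >&2; return 1
        fi
    done
    for ip in "$@"; do
        echo "iptables -A INPUT -p tcp -s $ip --dport 21 -j ACCEPT"
    done
}

ALLOWED="192.0.2.10 192.0.2.20"
for src in 192.0.2.10 192.0.2.20 198.51.100.7; do
    # $ALLOWED is intentionally unquoted so it splits into separate addresses
    echo "$src allow-list=$(verdict_allowlist "$src" $ALLOWED) negated=$(verdict_negated "$src" $ALLOWED)"
done
emit_allowlist $ALLOWED
```

With two allowed addresses the negated style drops every source, including both allowed ones, because each address fails the other's "not equal" test.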