[SOVLED by '!' ]how to specify IP not equal to in iptables rules ????

g geleem at bellsouth.net
Fri Jul 15 14:19:00 UTC 2011

On 07/15/2011 09:46 AM, Jatin K wrote:
> On Friday 15 July 2011 03:10 PM, James Hogarth wrote:
>>> '!' Solved my problem
>> Really? Because what you have there is the opposite of that which you 
>> stated you were trying to accomplish in your first post.
>> Now that IP is the only IP that can access your FTP server and all 
>> others get dropped.
> yes  and thats what I wanted ,,,,, Only specified IP can ftp to the server

which is not what you stated in your first post, which was;

}> I want to deny a particular IP ( address in my network to
}> FTP on server (RHEL6), I'm trying to add the following[1][2] iptabls
}> rules on server  and getting error [3]

therefore, if you want to drop "IP (", you would use;

  [1] iptables -A INPUT -s -p tcp --dport 21 -j DROP
  [2] iptables -A INPUT -s -p tcp --dport 20 -j DROP

if you want to drop all except "IP (", you would use;

  [1] iptables -A INPUT -s ! -p tcp --dport 21 -j DROP
  [2] iptables -A INPUT -s ! -p tcp --dport 20 -j DROP


peace out.



in a free world without fences, who needs gates.
help microsoft stamp out piracy - give linux to a friend today.
to mess up a linux box, you need to work at it.
to mess up an ms windows box, you just need to *look* at it.
The installation instructions stated to install Windows 2000 or better.
So I installed Linux.
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 545 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20110715/b53def9d/attachment.bin 

More information about the users mailing list