[SOVLED by '!' ]how to specify IP not equal to in iptables rules ????
geleem at bellsouth.net
Fri Jul 15 14:19:00 UTC 2011
On 07/15/2011 09:46 AM, Jatin K wrote:
> On Friday 15 July 2011 03:10 PM, James Hogarth wrote:
>>> '!' Solved my problem
>> Really? Because what you have there is the opposite of that which you
>> stated you were trying to accomplish in your first post.
>> Now that IP is the only IP that can access your FTP server and all
>> others get dropped.
> yes and thats what I wanted ,,,,, Only specified IP can ftp to the server
which is not what you stated in your first post, which was;
}> I want to deny a particular IP (172.16.158.111) address in my network to
}> FTP on server (RHEL6), I'm trying to add the following iptabls
}> rules on server and getting error 
therefore, if you want to drop "IP (172.16.158.111)", you would use;
 iptables -A INPUT -s 172.16.158.111 -p tcp --dport 21 -j DROP
 iptables -A INPUT -s 172.16.158.111 -p tcp --dport 20 -j DROP
if you want to drop all except "IP (172.16.158.111)", you would use;
 iptables -A INPUT -s ! 172.16.158.111 -p tcp --dport 21 -j DROP
 iptables -A INPUT -s ! 172.16.158.111 -p tcp --dport 20 -j DROP
in a free world without fences, who needs gates.
help microsoft stamp out piracy - give linux to a friend today.
to mess up a linux box, you need to work at it.
to mess up an ms windows box, you just need to *look* at it.
The installation instructions stated to install Windows 2000 or better.
So I installed Linux.
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 545 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20110715/b53def9d/attachment.bin
More information about the users