[SOVLED by '!' ]how to specify IP not equal to in iptables rules ????
Jatin K
ssh.fedora at gmail.com
Sat Jul 16 04:20:35 UTC 2011
On Friday 15 July 2011 03:22 PM, Reindl Harald wrote:
>
> Am 15.07.2011 11:46, schrieb Jatin K:
>> On Friday 15 July 2011 03:10 PM, James Hogarth wrote:
>>>> '!' Solved my problem
>>> Really? Because what you have there is the opposite of that which you
>>> stated you were trying to accomplish in your first post.
>>>
>>> Now that IP is the only IP that can access your FTP server and all
>>> others get dropped.
>>>
>> yes and thats what I wanted ,,,,, Only specified IP can ftp to the server
> why do you not say this at the begin
>
> sorry, but first open a port and after that drop all except
> one ip is a really ugly style no one should do in production
I do not have any control over that decision , I've to have do the
things as per company's requirement.
I'm the service provider , my duty is to provide setup as per direction
and documentations given by my customer ( company )
> why do you not simply open the port only for the ip you want?
> and this way you can open fro 2, 3, 4 IPs later
if I would have control over the setup, I definitely go with your said
solution.
> iptables -A INPUT -p tcp -s source-ip --dport 21 -j ACCEPT
>
thanks for you suggestions and help
Warm Regards T.C.
--
°v°
/(_)\
^ ^ Jatin Khatri
Registerd Linux user No #501175
www.counter.li.org
No M$
More information about the users
mailing list