[SOLVED by '!'] how to specify IP not equal to in iptables rules?

Jatin K ssh.fedora at gmail.com
Sat Jul 16 04:20:35 UTC 2011


On Friday 15 July 2011 03:22 PM, Reindl Harald wrote:
>
> Am 15.07.2011 11:46, schrieb Jatin K:
>> On Friday 15 July 2011 03:10 PM, James Hogarth wrote:
>>>> '!' Solved my problem
>>> Really? Because what you have there is the opposite of that which you
>>> stated you were trying to accomplish in your first post.
>>>
>>> Now that IP is the only IP that can access your FTP server and all
>>> others get dropped.
>>>
>> Yes, and that's what I wanted: only the specified IP can FTP to the server.
> Why did you not say this at the beginning?
>
> Sorry, but first opening a port and after that dropping all except
> one IP is a really ugly style no one should use in production.

I do not have any control over that decision; I have to do things as
per the company's requirements.

I'm the service provider; my duty is to provide the setup as per the
directions and documentation given by my customer (the company).

> Why do you not simply open the port only for the IP you want?
> And this way you can open it for 2, 3, 4 IPs later.

If I had control over the setup, I would definitely go with your
suggested solution.


> iptables -A INPUT -p tcp -s source-ip --dport 21 -j ACCEPT
>

Thanks for your suggestions and help.


Warm Regards  T.C.

-- 
   °v°
  /(_)\
   ^ ^  Jatin Khatri
Registered Linux user No #501175
www.counter.li.org
No M$
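
The two rule styles discussed in this message, compared in a small first-match model. This is an added example, not part of the original thread and not real iptables code. The addresses are constructed documentation IPs, the `! -s` rule form in the comments is the assumed shape of the '!' rule, and the default ACCEPT policy stands in for "the port is already open".

```python
import ipaddress

def rule(target, src=None, negate=False, dport=21):
    """One simplified filter rule: optional (possibly negated) -s match plus --dport."""
    return {"target": target, "src": src, "negate": negate, "dport": dport}

def matches(r, src, dport):
    if r["dport"] != dport:
        return False
    if r["src"] is None:
        return True
    hit = ipaddress.ip_address(src) in ipaddress.ip_network(r["src"])
    return hit != r["negate"]          # '!' inverts the source match

def verdict(chain, src, dport=21, policy="ACCEPT"):
    """First matching rule decides; otherwise the chain policy applies."""
    for r in chain:
        if matches(r, src, dport):
            return r["target"]
    return policy

# Constructed documentation addresses (RFC 5737), not taken from the thread.
A, B, OTHER = "192.0.2.10", "192.0.2.20", "203.0.113.5"

# Style 1: port open, then DROP every source that is NOT A.
#   iptables -A INPUT -p tcp ! -s A --dport 21 -j DROP   (assumed rule form)
negated_one = [rule("DROP", src=A, negate=True)]

# Naive extension to a second address: add a second negated DROP.
negated_two = [rule("DROP", src=A, negate=True), rule("DROP", src=B, negate=True)]

# Style 2: ACCEPT per allowed source, then DROP the rest of the port.
#   iptables -A INPUT -p tcp -s A --dport 21 -j ACCEPT
allow_two = [rule("ACCEPT", src=A), rule("ACCEPT", src=B), rule("DROP")]

def table(chain):
    """Verdict for each sample source address against the given chain."""
    return {ip: verdict(chain, ip) for ip in (A, B, OTHER)}

if __name__ == "__main__":
    for name, chain in [("negated, one IP", negated_one),
                        ("negated, two IPs", negated_two),
                        ("allowlist, two IPs", allow_two)]:
        print(f"{name:20} {table(chain)}")
```

With one address both styles give the same result. Stacking a second negated DROP locks out every source, including both intended ones, while the per-source ACCEPT list extends cleanly.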


