IPTables question

golgiapparatus
IS-IT--Management
Jun 6, 2011
I have a few basic questions on IPTables, please forgive me, I learn best by asking questions.

I have a server that contains two NICs:

eth0 x.x.x.10
eth1 x.x.x.11

How would I do the following...

1. I would like to block all traffic on x.x.x.10 from all
2. I would like to grant an ip 186.x.x.43 to x.x.x.10 port 80 and 443
3. I would like to remove an ip 186.x.x.43 from x.x.x.10 port 80 and 443
Thanks for the help,
golgi
 
I don't know if it lets you block your own NIC, but what I do to block outside computers from accessing my system is this - this would apply to your first instance (maybe):

iptables -A INPUT -s x.x.x.10 -j DROP

This will drop all incoming traffic from the listed IP, effectively blocking it from access to your system. In the above example I don't think it blocks outgoing access though.

This is the only part of iptables I use - when I see someone pounding on my ssh and denyhosts doesn't get it fast enough for me I block it manually.

You could also look at the format for /etc/hosts.deny and /etc/hosts.allow
 
Here is a really good tutorial on iptables that will cover these topics in depth:
In a nutshell, it is almost always better to block all traffic and then permit only the connections that you wish to allow. You can either add a drop statement at the end of your (allow) list or set your policy to drop. Generally speaking if you block a particular IP, they will simply move to another one.

iptables contains multiple 'chains': INPUT, OUTPUT, and FORWARD. The most important one is INPUT, as this will stop the incoming connections. Create some rules that allow traffic on your desired ports and then at the end drop everything else.

For output, you will likely need to set up a rule for related and established connections. Outbound connections are a little more tricky because they use random, higher numbered ports. So for example, you can't allow outbound port 80 and expect to have web browser access because.
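As an added example (not from any post in this thread), here is a dry-run POSIX shell script that follows the default-deny approach the reply above describes and covers all three of the original questions: a DROP policy on INPUT with the ESTABLISHED,RELATED exception, a grant for one client to ports 80 and 443 on the x.x.x.10 address, and the matching revoke. The addresses 203.0.113.10 (standing in for x.x.x.10) and 198.51.100.43 (standing in for 186.x.x.43) are placeholders. One point worth noticing: traffic arriving at the NIC's own address is matched with -d (destination); -s matches packets sent from an address, which is the right tool for blocking a remote host but not for "everything to this NIC".

```shell
#!/bin/sh
# Added example, not from the thread. Addresses are placeholders:
# 203.0.113.10 stands in for the x.x.x.10 NIC and 198.51.100.43 for 186.x.x.43.
# IPT defaults to a dry run that only prints the commands; run as root with
# IPT=iptables to apply them for real.
IPT="${IPT:-echo iptables}"
SERVER_IP="${SERVER_IP:-203.0.113.10}"

# Match text for "client $1 may open new TCP connections to $2 on port $3".
# -d (destination) matches packets arriving *at* the NIC's address;
# -s would match packets *sent from* that address instead.
grant_rule() {
    printf 'INPUT -p tcp -s %s -d %s --dport %s -m conntrack --ctstate NEW -j ACCEPT' "$1" "$2" "$3"
}

# 1. Block everything to the box by default (question 1), keeping loopback and
#    the replies to connections the server itself initiated. Deny is the chain
#    policy rather than an appended DROP rule, so grants appended later with -A
#    still take effect; an appended catch-all DROP would sit in front of them
#    and swallow the allowed traffic.
base_rules() {
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # If eth1 (x.x.x.11) must stay reachable, its own ACCEPT rules go here,
    # e.g. $IPT -A INPUT -i eth1 -p tcp --dport 22 -j ACCEPT
}

# 2. Grant one client access to 80 and 443 on the server address (question 2).
grant() {
    for port in 80 443; do
        # shellcheck disable=SC2046  # word splitting of the rule text is intended
        $IPT -A $(grant_rule "$1" "$SERVER_IP" "$port")
    done
}

# 3. Revoke it again (question 3): -D removes the rule whose match text is
#    identical to the one that was added, so it is built by the same function.
revoke() {
    for port in 80 443; do
        $IPT -D $(grant_rule "$1" "$SERVER_IP" "$port")
    done
}

# Usage: ./fw.sh setup | grant CLIENT_IP | revoke CLIENT_IP
case "${1:-}" in
    setup)  base_rules ;;
    grant)  grant "$2" ;;
    revoke) revoke "$2" ;;
esac
```

Run it without IPT set to see the exact commands it would issue, then as root with IPT=iptables to apply them. Verify with `iptables -L INPUT -n -v --line-numbers`; if a revoke does not match (for example because the rule was added with slightly different options), `iptables -D INPUT <n>` deletes by the line number shown there. Rules added this way do not survive a reboot unless saved with iptables-save or the distribution's iptables service.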