LinuxQuestions.org
Old 07-17-2008, 08:21 AM   #1
LuggerHouse
Member
 
Registered: May 2004
Location: Montreal,QC,Canada
Distribution: Fedora Core 7
Posts: 208

Rep: Reputation: 30
Firestarter deny IP address from inbound connections


Hello,

I would like to block an IP from connecting to my server, but I use Firestarter. The problem I have is that I have services allowed from there, so any IP can connect to those services...

I looked around in the document and I could not see any way of doing that.

So I guess my only choice would be to do an "iptable -I INPUT -p ALL -s [ip adresse] -d 0.0.0.0/0 -j DROP" for this IP, is that correct?

Is there a way to retain those rules in iptables, so when I reboot the rules are still there?

Would an outbound rule have been useful in this case? (I guess the client could connect but couldn't receive?)

Thanks for any clarifications...
 
Old 07-17-2008, 09:24 AM   #2
david1941
Member
 
Registered: May 2005
Location: St. Louis, MO
Distribution: CentOS6
Posts: 267

Rep: Reputation: 57
Almost. The program name should be iptables (with an s). The -I inserts it as the first rule, which is what you want. --protocol defaults to all, so (-p ALL) is OK but redundant.

To keep it active, add it to your rc.local file (/etc/rc.d/rc.local) and it will execute after all your regular Sys V stuff inits. I am assuming Firestarter starts in there.

Dave
 
Old 07-17-2008, 11:08 AM   #3
LuggerHouse
Member
 
Registered: May 2004
Location: Montreal,QC,Canada
Distribution: Fedora Core 7
Posts: 208

Original Poster
Rep: Reputation: 30
Thanks for the reply :-)

I just realized that Firestarter gives us a chance to add our custom rules in the user-pre and user-post files within the Firestarter directory. I posted my rules in the user_post file and now they are recurrent, even when I make a new rule using the GUI.

Many thanks again!
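
As an added example (not from either poster, and not Firestarter's own code): a shell helper for the persistence approaches discussed in this thread. It validates the address and inserts the DROP rule only when an identical rule is not already present, so it can be run from rc.local or from a hook file that executes more than once. The IPT override, the script name block-source.sh and the address 203.0.113.7 are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. IPT is an assumed override so the
# logic can be dry-run with a stub; 203.0.113.7 is a documentation address.
IPT="${IPT:-iptables}"

# Accept only a dotted-quad IPv4 address with an optional /0-32 prefix,
# so nothing else from a config file or argument reaches the iptables call.
valid_ipv4() {
    spec=$1
    addr=${spec%%/*}
    case $addr in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    case $spec in
        */*) prefix=${spec#*/}
             case $prefix in ""|*[!0-9]*|???*) return 1 ;; esac
             [ "$prefix" -le 32 ] || return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split into octets; addr holds only digits and dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Put a DROP rule for the source at position 1 of INPUT, unless an identical
# rule is already there. -C (check) needs iptables 1.4.11 or later.
block_source() {
    valid_ipv4 "$1" || { echo "refusing invalid address: $1" >&2; return 2; }
    if $IPT -C INPUT -s "$1" -j DROP 2>/dev/null; then
        return 0            # already blocked, do not add a duplicate
    fi
    $IPT -I INPUT 1 -s "$1" -j DROP
}

# Called with an address, e.g. from rc.local: sh block-source.sh 203.0.113.7
if [ $# -gt 0 ]; then
    block_source "$1"
fi
```

After a reboot or firewall reload, `iptables -L INPUT -n --line-numbers` shows whether the DROP rule sits at position 1, ahead of the rules that allow the public services.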
 
  

