LinuxQuestions.org - How can I only allow 170.169.xxx.xxx ip ranges via iptables?

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - How can I only allow 170.169.xxx.xxx ip ranges via iptables? (https://www.linuxquestions.org/questions/linux-newbie-8/how-can-i-only-allow-170-169-xxx-xxx-ip-ranges-via-iptables-4175451733/)

aholak

02-26-2013 05:45 AM

How can I only allow 170.169.xxx.xxx ip ranges via iptables?

Hi,

I have ssh port 22 that opened to everyone now.I want to allow just for 170.169.xxx.xxx ip blocks. How can I do that?

My current iptable rules for ssh is:

Quote:

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

chrism01

02-26-2013 05:46 AM

http://www.cyberciti.biz/tips/linux-...-or-ports.html

aholak

02-26-2013 05:49 AM

I read that article but couldn't understand. Shows only ips from 192.168.1.100 to 192.168.1.200

Same configration can be done?

Quote:

iptables -A INPUT -p tcp --dport 22 -m iprange --src-range 170.169.1.1-170.169.255.255 -j ACCEPT

NevemTeve

02-26-2013 06:23 AM

Or:

Code:

# iptables -t filter -A INPUT -p tcp --dport 22 -s 170.169.0.0/255.255.0.0 -j ACCEPT

# iptables -t filter -A INPUT -p tcp --dport 22 -j DROP

aholak

02-26-2013 06:24 AM

Quote:

Originally Posted by NevemTeve (Post 4899992)

Or:

Code:

# iptables -t filter -A INPUT -p tcp --dport 22 -s 170.169.0.0/255.255.0.0 -j ACCEPT

# iptables -t filter -A INPUT -p tcp --dport 22 -j DROP

Wow, Thank you so much, now works as just I wanted.

All times are GMT -5. The time now is 06:22 PM.