LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-17-2009, 09:16 PM   #1
buee
Member
 
Registered: May 2009
Posts: 81

Rep: Reputation: 16
Question Will this syntax work?


I'm new to iptables and think I may have gotten the syntax for what I want to do. Basically, what I want to do is make sure that two IP addresses have access to print to the networked printer ONLY and to reject any other access attempts on any other ports to any other IPs.

So, here's part 1 of my question:
Will this...
Code:
#Allow traffic from Business Center Computers to the network printer for the port alloted for printing only
iptables -A INPUT -i (Interface) -s (PC.IP.address-PC.IP.address) -d (Printer.IP.address)  --dport (Printer Port) -j ACCEPT

#Deny all other traffic across this connection from the Business Center Computers
iptables -A INPUT -i (Interface) -s (PC.IP.address-PC.IP.address) all -j DROP
...do what I want?

Part 2:
How do I make sure this starts on boot every time.

Oh, and one other wrench in the gears of this project, I'm trying to implement this on a DD-WRT router. <---That's probably the most important part.
 
Old 06-18-2009, 12:10 AM   #2
jerel4565
Member
 
Registered: Jun 2009
Distribution: Red Hat/ Centos
Posts: 33

Rep: Reputation: 16
Your code should work except for the random all.
iptables -A INPUT -i (Interface) -s (PC.IP.address-PC.IP.address) all -j DROP

Maybe try using an asterisk, but I can't remember if you can use wildcards.

Iptable commands are kept in memory. To make the changes persistent on reboot:

Code:
service iptables save
This saves your chains in the /etc/sysconfig/iptables file.

Hopefully, this will help.

Last edited by jerel4565; 06-19-2009 at 02:06 PM.
 
Old 06-18-2009, 08:32 PM   #3
buee
Member
 
Registered: May 2009
Posts: 81

Original Poster
Rep: Reputation: 16
Hmm

Quote:
Originally Posted by jerel4565 View Post
Your code should work except for the random all.
iptables -A INPUT -i (Interface) -s (PC.IP.address-PC.IP.address)[[ all ]] -j DROP

Maybe try using an asterisk, but I can't remember if you can use wildcards.

Iptable commands are kept in memory. To make the changes persistent on reboot:

Code:
service iptables save
This saves your chains in the /etc/sysconfig/iptables file.

Hopefully, this will help.
From all of the iptables examples I saw, "all" didn't have brackets, but I'll give it a go.
 
Old 06-19-2009, 02:02 PM   #4
jerel4565
Member
 
Registered: Jun 2009
Distribution: Red Hat/ Centos
Posts: 33

Rep: Reputation: 16
No I'm sorry. I didn't mean to put that there. I was just trying to point it out.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache2 VirtualHost Syntax OK but domain still doesn't work bg108 Linux - Server 11 04-18-2008 12:54 PM
Starting httpd: httpd: Syntax error on line 209 of /etc/httpd/conf/httpd.conf: Syntax sethukpathi Linux - Networking 6 04-12-2008 11:26 AM
MySQL the syntax to SELECT doesn't work for DELETE Melsync Programming 2 03-31-2007 05:59 AM
C++ syntax error before :: token HELP, i cant find the syntax error :( qwijibow Programming 2 12-14-2004 06:09 PM
C syntax help please ... DarkDrive Programming 2 08-07-2003 04:13 PM


All times are GMT -5. The time now is 10:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration