LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 05-26-2004, 04:53 AM   #1
loiter99
LQ Newbie
 
Registered: May 2004
Posts: 2

Rep: Reputation: 0
Deny FTP by IP address with ipchains


Hello,
I am just starting out and would like to know how I can use ipchains to deny FTP(SSH) & web access to all but a select few internal addresses.

Specifically, I am looking for examples, I have been unable to find specific examples in my search.

Thank you,
J
 
Old 05-26-2004, 09:19 AM   #2
Technoslave
Member
 
Registered: Dec 2003
Location: Northern VA
Posts: 493

Rep: Reputation: 30
well, typically, with firewalls and the like, you deny access to everything, then only allow the addresses you want.

are you sure you're using ipchains and not iptables?
 
Old 05-26-2004, 09:24 AM   #3
loiter99
LQ Newbie
 
Registered: May 2004
Posts: 2

Original Poster
Rep: Reputation: 0
iptables

Sorry it is iptables, I have been reading a ton on this stuff and it is all jumbled around, sorry

Can you provide an example of an iptable that denies telnet to everyone except a few local IPs?

Thanks
J
 
Old 05-27-2004, 01:54 PM   #4
topche
LQ Newbie
 
Registered: Sep 2002
Distribution: SuSE
Posts: 23

Rep: Reputation: 15
iptables -N ftp_deny
iptables -A ftp_deny -J DROP
iptables -I INPUT -p tcp --dport 21 -j ftp_deny
well this is bloking port 21
now we accept:
iptables -I ftp_deny -s $some_ip -j RETURN

and that is all
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can I deny access based on mac or IP address with shorewall? enigma_0Z Linux - Networking 1 06-02-2005 04:15 PM
deny ip address with ssh DaWallace Slackware 16 05-31-2005 08:40 PM
how to deny user to use ftp to access system ust Linux - Software 4 05-23-2005 08:39 PM
ipchains, ftp from client to non-ftp ports atari303 Linux - Networking 2 11-08-2002 02:43 AM
Deny access by IP address plisken Linux - Security 1 12-29-2001 10:11 PM


All times are GMT -5. The time now is 02:28 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration