Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 05-26-2004, 04:53 AM   #1
LQ Newbie
Registered: May 2004
Posts: 2

Rep: Reputation: 0
Deny FTP by IP address with ipchains

I am just starting out and would like to know how I can use ipchains to deny FTP(SSH) & web access to all but a select few internal addresses.

Specifically, I am looking for examples, I have been unable to find specific examples in my search.

Thank you,
Old 05-26-2004, 09:19 AM   #2
Registered: Dec 2003
Location: Northern VA
Posts: 493

Rep: Reputation: 30
well, typically, with firewalls and the like, you deny access to everything, then only allow the addresses you want.

are you sure you're using ipchains and not iptables?
Old 05-26-2004, 09:24 AM   #3
LQ Newbie
Registered: May 2004
Posts: 2

Original Poster
Rep: Reputation: 0

Sorry it is iptables, I have been reading a ton on this stuff and it is all jumbled around, sorry

Can you provide an example of an iptable that denies telnet to everyone except a few local IPs?

Old 05-27-2004, 01:54 PM   #4
LQ Newbie
Registered: Sep 2002
Distribution: SuSE
Posts: 23

Rep: Reputation: 15
iptables -N ftp_deny
iptables -A ftp_deny -J DROP
iptables -I INPUT -p tcp --dport 21 -j ftp_deny
well this is bloking port 21
now we accept:
iptables -I ftp_deny -s $some_ip -j RETURN

and that is all


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Can I deny access based on mac or IP address with shorewall? enigma_0Z Linux - Networking 1 06-02-2005 04:15 PM
deny ip address with ssh DaWallace Slackware 16 05-31-2005 08:40 PM
how to deny user to use ftp to access system ust Linux - Software 4 05-23-2005 08:39 PM
ipchains, ftp from client to non-ftp ports atari303 Linux - Networking 2 11-08-2002 02:43 AM
Deny access by IP address plisken Linux - Security 1 12-29-2001 10:11 PM

All times are GMT -5. The time now is 09:22 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration