LinuxQuestions.org
Old 05-15-2007, 04:16 AM   #1
the_gripmaster
Member
 
Registered: Jul 2004
Location: VIC, Australia
Distribution: RHEL, CentOS, Ubuntu Server, Ubuntu
Posts: 362

Rep: Reputation: 38
iptables rule help


We have several networks such as:
192.168.100.0/24
192.168.212.0/24
192.168.222.0/24
192.168.201.0/255.255.255.252

Our mail server has IP address 192.168.201.2

Now we only want to allow 192.168.100.0/24 to access port 25 of 192.168.201.2, and no other network.


What would be the rule (in iptables syntax)?

The mail server currently has no firewall rules.
 
Old 05-15-2007, 06:48 AM   #2
Samotnik
Member
 
Registered: Jun 2006
Location: Belarus
Distribution: Debian GNU/Linux testing/unstable
Posts: 471

Rep: Reputation: 40
RTFM!
man iptables!
 
Old 05-15-2007, 07:13 AM   #3
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122
That's a bit tough - as far as manuals go, iptables is hard to get.


Have a look at

http://iptables-tutorial.frozentux.net/
 
Old 05-15-2007, 08:19 AM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371
if the rule is to be run on the mail server itself, it would be like:
Code:
iptables -A INPUT -p TCP -s 192.168.100.0/24 --dport 25 -j ACCEPT
this assumes a policy of DROP, of course...

if your policy is ACCEPT for some reason, then just tweak it like:
Code:
iptables -A INPUT -p TCP ! -s 192.168.100.0/24 --dport 25 -j DROP
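
Added example, not part of any post in this thread: the two variants from post #4 written out as complete iptables-restore rulesets for the mail server. The function names are hypothetical, and the loopback and ESTABLISHED,RELATED rules in the DROP variant are additions the thread does not mention; without them an INPUT policy of DROP also discards replies to the server's own DNS lookups and outgoing mail.

```shell
#!/bin/sh
# Added example (not from the thread). Defining these functions changes
# nothing on the host; rules are loaded only by calling apply_ruleset as root.

ALLOWED_NET="192.168.100.0/24"   # network allowed to reach SMTP (from the thread)
SMTP_PORT=25

# INPUT policy DROP: anything not listed is dropped, so loopback and
# return traffic for the server's own connections are accepted explicitly.
# Assumption: add a rule for your own management access before applying remotely.
ruleset_policy_drop() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -s ${ALLOWED_NET} --dport ${SMTP_PORT} -j ACCEPT
COMMIT
EOF
}

# INPUT policy ACCEPT: only SMTP from outside the allowed network is dropped;
# every other port on the mail server stays reachable from all networks.
ruleset_policy_accept() {
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp ! -s ${ALLOWED_NET} --dport ${SMTP_PORT} -j DROP
COMMIT
EOF
}

# Parse-check the ruleset with --test, then load it in one atomic step.
# Usage (as root): apply_ruleset ruleset_policy_drop
apply_ruleset() {
    "$1" | iptables-restore --test && "$1" | iptables-restore
}
```

After loading, `iptables -L INPUT -n -v` shows per-rule packet counters, which confirm whether SMTP connections from 192.168.100.0/24 are matching the intended rule.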
 
  


All times are GMT -5.