LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Old 11-08-2011, 04:18 PM   #1
papaLou
LQ Newbie
 
Registered: Jan 2011
Posts: 12

Rep: Reputation: 0
iptables rule to allow only one IP to connect


I'm trying to figure out a way that my Linux box will allow only one IP address to connect to a list of ports.

I don't know what IP address it will be but once I have one IP connected I want to drop all others.

Anyone have any hints?
 
Old 11-08-2011, 05:23 PM   #2
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 3,978

Rep: Reputation: 476
Try and see if connlimit suits your needs.
http://www.cyberciti.biz/faq/iptable...-limits-howto/

jlinkels
 
Old 11-08-2011, 06:23 PM   #3
papaLou
LQ Newbie
 
Registered: Jan 2011
Posts: 12

Original Poster
Rep: Reputation: 0
Not quite, I need to limit the number of IPs connected; this can limit the number of connections per IP. Thanks though.
 
Old 11-08-2011, 06:31 PM   #4
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 3,978

Rep: Reputation: 476
connlimit-mask 32?

jlinkels
 
Old 11-09-2011, 11:56 AM   #5
hermouche
Member
 
Registered: Nov 2004
Location: Algeria
Posts: 111

Rep: Reputation: 15
Quote:
Originally Posted by papaLou View Post
I'm trying to figure out a way that my Linux box will allow only one IP address to connect to a list of ports.

I don't know what IP address it will be but once I have one IP connected I want to drop all others.

Anyone have any hints?
Let's say you want to give access only to 192.168.0.2 and to ports 80,443.
I think we can write it like this:
Quote:
iptables -A INPUT ! -s 192.168.0.2 -p tcp -m multiport --dports 80,443 -j DROP
Which means that if it's not the 192.168.0.2 host, well, just drop it.

I'm not sure about it, but give it a try

red

Last edited by hermouche; 11-09-2011 at 11:57 AM.
 
Old 11-09-2011, 12:56 PM   #6
teebones
Member
 
Registered: Aug 2005
Location: /home/teebones
Distribution: sometimes this, sometimes that..
Posts: 500

Rep: Reputation: 56
Quote:
Originally Posted by hermouche View Post
Let's say you want to give access only to 192.168.0.2 and to ports 80,443.
I think we can write it like this:

Which means that if it's not the 192.168.0.2 host, well just drop it.

I'm not sure about it, but give it a try

red
That's not what the OP wants. The remote IP is unknown, so a rule like yours is not possible.
He needs a throttle on the service port(s), so that one source can connect to it (unrelated to how many times this source connects to it).

Although I don't see why the OP wants to do this, since it could mean the OP is not allowed to connect if a portscan is run by someone (hack recon, e.g.).
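The two approaches raised in this thread side by side, as an added example that was not posted by anyone here: the corrected fixed-address rule from post #5, and the connlimit approach from posts #2 and #4 with --connlimit-mask 0, which pools every source into one counter so only one concurrent connection is admitted (it still does not let that one address open more connections, which is the gap teebones points out). The port list, the sample address, the chain name and an iptables with the multiport, conntrack and connlimit matches are assumptions.

```shell
#!/bin/sh
# Added example, not code posted in this thread. Builds one of two rulesets
# for the TCP ports under discussion:
#   fixed  - only one known source address may reach the ports;
#   single - connlimit with --connlimit-mask 0 admits only ONE live
#            connection in total, from whichever address arrives first.
# Assumed: port list, sample address, chain name, and an iptables that has
# the multiport, conntrack and connlimit matches.
PORTS="${PORTS:-80,443}"
ALLOW_IP="${ALLOW_IP:-192.168.0.2}"   # constructed sample address
CHAIN="SINGLE_CLIENT"
IPT="${IPT:-iptables}"                # set IPT=echo to preview instead of apply

# Print the rules for a mode, one per line, without touching the firewall.
rules_for() {
    case "$1" in
    fixed)
        # Every source except ALLOW_IP is dropped; ALLOW_IP returns to INPUT.
        echo "-A $CHAIN ! -s $ALLOW_IP -j DROP"
        ;;
    single)
        # Packets of an already admitted connection always pass.
        echo "-A $CHAIN -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
        # Mask 0: one shared counter; above 1: a second live connection is
        # refused, whether it comes from the same or another address.
        echo "-A $CHAIN -m connlimit --connlimit-above 1 --connlimit-mask 0 -j DROP"
        echo "-A $CHAIN -j ACCEPT"
        ;;
    *)
        echo "usage: $0 fixed|single" >&2
        return 2
        ;;
    esac
}

# Create the chain, load the rules, and hook the port list into INPUT.
apply_rules() {
    rules_for "$1" >/dev/null || return 2
    $IPT -N "$CHAIN"
    rules_for "$1" | while IFS= read -r rule; do
        $IPT $rule                    # word splitting of the rule is intended
    done
    $IPT -A INPUT -p tcp -m multiport --dports "$PORTS" -j "$CHAIN"
}

if [ -n "${1:-}" ]; then apply_rules "$1"; fi
```

Run `IPT=echo sh script.sh single` to review the generated commands before applying them for real.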
Tags
firewall, ip address, iptables, linux, security