LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Old 11-08-2011, 05:18 PM   #1
papaLou
LQ Newbie
 
Registered: Jan 2011
Posts: 12

Rep: Reputation: 0
iptables rule to allow only one IP to connect


I'm trying to figure out a way that my Linux box will allow only one IP address to connect to a list of ports.

I don't know what IP address it will be but once I have one IP connected I want to drop all others.

Anyone have any hints?
 
Old 11-08-2011, 06:23 PM   #2
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Wheezy/Jessie/Sid, Linux Mint DE
Posts: 4,248

Rep: Reputation: 558
Try and see if connlimit suits your needs.
http://www.cyberciti.biz/faq/iptable...-limits-howto/

jlinkels
 
Old 11-08-2011, 07:23 PM   #3
papaLou
LQ Newbie
 
Registered: Jan 2011
Posts: 12

Original Poster
Rep: Reputation: 0
Not quite. I need to limit the number of IPs connected; this can limit the number of connections per IP. Thanks though.
 
Old 11-08-2011, 07:31 PM   #4
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Wheezy/Jessie/Sid, Linux Mint DE
Posts: 4,248

Rep: Reputation: 558
connlimit-mask 32?

jlinkels
 
Old 11-09-2011, 12:56 PM   #5
hermouche
Member
 
Registered: Nov 2004
Location: Algeria
Posts: 111

Rep: Reputation: 15
Quote:
Originally Posted by papaLou
I'm trying to figure out a way that my linux box will allow only one IP address to connect to a list of ports.

I don't know what IP address it will be but once I have one IP connected I want to drop all others.

Anyone have any hints?
Let's say you want to give access only to 192.168.0.2 and to ports 80,443.
I think we can write it like this:
Quote:
iptables -A INPUT ! -s 192.168.0.2 -p tcp -m multiport --dports 80,443 -j DROP
Which means that if it's not the 192.168.0.2 host, well, just drop it.

I'm not sure about it, but give it a try.

red

Last edited by hermouche; 11-09-2011 at 12:57 PM.
 
Old 11-09-2011, 01:56 PM   #6
teebones
Member
 
Registered: Aug 2005
Location: /home/teebones
Distribution: sometimes this, sometimes that..
Posts: 500

Rep: Reputation: 56
Quote:
Originally Posted by hermouche
Let's say you want to give access only to 192.168.0.2 and to ports 80,443.
I think we can write it like this:

Which means that if it's not the 192.168.0.2 host, well, just drop it.

I'm not sure about it, but give it a try.

red
That's not what the OP wants. The remote IP is unknown, so a rule like yours is not possible.
He needs a throttle on the service port(s), so that one source can connect to it (unrelated to how many times this source connects to it).

Although I don't see why the OP wants to do this, since it could mean the OP is not allowed to connect if a port scan is run by someone (hack recon, e.g.).
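An added worked example of what the thread is asking for; this is not code from any of the posters. connlimit (posts #2 and #4) counts parallel connections per source prefix selected by --connlimit-mask, so it can cap connections per IP (mask 32) or in total (mask 0), but it cannot express "the first source to connect wins and every other source is dropped". That can be built with an ipset that holds exactly one address: the set match accepts any source already in the set, the SET target tries to add an unknown source, and because the add fails silently once the set already holds its single member, only the first claimant ever gets in. The port list (22,80,443), the set name (owner) and the 600-second idle timeout are assumptions chosen for illustration; the script only prints the ruleset unless run with `apply`, which needs root, ipset and iptables.

```shell
#!/bin/sh
# Added example (not from the thread): let the first source IP that connects to a
# set of TCP ports own them and drop every other source, using an ipset that can
# hold exactly one address. Ports, set name and idle timeout are assumptions.
PORTS="${PORTS:-22,80,443}"   # assumed service ports
SETNAME="${SETNAME:-owner}"   # assumed ipset name
IDLE="${IDLE:-600}"           # assumed idle seconds before the owner's slot is released

# Emit the rules in iptables-restore syntax. Kept as a function so the ruleset can
# be reviewed (or tested) without touching the live firewall.
owner_ruleset() {
    m="-p tcp -m multiport --dports $PORTS"
    cat <<EOF
*filter
# Packets of flows conntrack already knows pass; the rules below only ever see new SYNs.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Current owner opening another connection: refresh its entry's timeout, then accept.
-A INPUT $m --syn -m set --match-set $SETNAME src -j SET --add-set $SETNAME src --exist
-A INPUT $m --syn -m set --match-set $SETNAME src -j ACCEPT
# Unknown source: try to claim the single slot. SET is non-terminating and the add
# fails silently while the set is full, so only the first claimant ends up inside it.
-A INPUT $m --syn -j SET --add-set $SETNAME src
-A INPUT $m --syn -m set --match-set $SETNAME src -j ACCEPT
# Everyone else, including non-SYN packets from sources conntrack does not know, is dropped.
-A INPUT $m -j DROP
COMMIT
EOF
}

# Load for real (root required). maxelem 1 is what turns "add" into first come,
# first served; timeout frees the slot after IDLE seconds without a new connection
# from the owner. --noflush appends to INPUT instead of replacing the whole table.
apply_owner_rules() {
    ipset -exist create "$SETNAME" hash:ip maxelem 1 timeout "$IDLE"
    owner_ruleset | iptables-restore --noflush
}

case "${1:-show}" in
    apply) apply_owner_rules ;;
    *)     echo "# ipset -exist create $SETNAME hash:ip maxelem 1 timeout $IDLE"
           owner_ruleset ;;
esac
```

Run it without arguments to review the generated rules, `sh owner.sh apply` as root to load them, and `ipset list owner` to see which address currently holds the slot. The caveat teebones raises still applies: whoever sends the first SYN, a port scanner included, becomes the owner until the idle timeout expires or the set is flushed with `ipset flush owner`.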
 
Tags
firewall, ip address, iptables, linux, security