Using IPCHAINS to allow only a range of IPs
Is it possible to deny all incoming packets and allow only packets coming from the range of IP addresses 123.123.X.X using IP chains (kernel 2.2) ?
I'm trying to use this:
# ipchains -P input DENY
# ipchains -A input -j ALLOW -p all -s 220.127.116.11/16 -d 0.0.0.0/0
I cannot really know if it would work or not since i cannot implement it right now. My doubt arises whether the two above rules should be interchanged or not... I would also like to know how to log packets which are denied (the man pages say to specify LOG as target... but I also want DENY... does this mean specifying 'DENY LOG' as target?
Last edited by ganninu; 01-13-2004 at 03:50 AM.