Changing IP Address For Ethernet Computer on Router Network
UbuntuThis forum is for the discussion of Ubuntu Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Nevertheless, you can add a rule on the application server INPUT chain, something like (untested)
Code:
/sbin/iptables -P INPUT DROP
/sbin/iptables -A INPUT -s 192.168.X.X -j ACCEPT
That does exactly what I want it to do. Thanks very much. Unfortunately I did something really stupid. I applied it before installing some software that I had planned to install on Ubuntu. Is there a way I can roll that back or find out the IP address of the location from which I need to install the software?
The better way would be to make more usable rules, such as allowing traffic from connections initiated by the protected host. I can't give you a recipe for that without doing some research, but it involves the use of the --state parameter, and uses the connection tracking aspect of iptables to identify connections that are established.
If someone else doesn't chime in with the solution soon, I'll dig it up and post it.
You're going to want this for a lot of reasons, like getting DNS, time-server, DHCP, and other input.
The better way would be to make more usable rules, such as allowing traffic from connections initiated by the protected host. I can't give you a recipe for that without doing some research, but it involves the use of the --state parameter, and uses the connection tracking aspect of iptables to identify connections that are established.
If someone else doesn't chime in with the solution soon, I'll dig it up and post it.
You're going to want this for a lot of reasons, like getting DNS, time-server, DHCP, and other input.
--- rod.
Thank again, Rod.
I downloaded and unpacked homeLANsecurity but could not find documentation about how to set it up. There is a file filter.function but I found that
Code:
$bash filter.function
made no difference to my iptables. Also is there a way to set up default setting for the iptables?
I just noticed the 'help' screen is wrong. The 'hls' part is not part of the command. To use the standard configuration, just run
Code:
homeLANsecurity load
It should give a message about what it is doing. You should first look in hls.conf, and edit to suite your site.
--- rod.
Thanks for the info. That certainly worked in setting up the iptable. I ran the script on the application computer. I don't know what else happened because I was subsequently unable to run php files, on the application server from the web server. I could ping both ways and run php on both machines. Even after I flushed the iptable on the application server and rebooted that server, I was still unable to access php files on the application server from the web server. The code to do so is in a php file on the web server. It was working earlier but not now. Also, after I rebooted the application server the screen resolution had changed so there are a lot more pixels in the screen and everything is tiny. Could something in the homeLANsecurity script have changed other than the firewall?
Thanks for the info. That certainly worked in setting up the iptable. I ran the script on the application computer. I don't know what else happened because I was subsequently unable to run php files, on the application server from the web server. I could ping both ways and run php on both machines. Even after I flushed the iptable on the application server and rebooted that server, I was still unable to access php files on the application server from the web server. The code to do so is in a php file on the web server. It was working earlier but not now. Also, after I rebooted the application server the screen resolution had changed so there are a lot more pixels in the screen and everything is tiny. Could something in the homeLANsecurity script have changed other than the firewall?
Thanks,
Peter.
I have the connection between the web and application server back again. For some reason Firefox on the web server was putting localhost/ before the IP address of the application server. I removed it for the first instance and now it's working fine again. But I would still like to figure out why homeLANsecurity caused problem.
I guess, like you say, I would need to change some of the setting in hls.conf. I have noticed that it already has NAT enabled. I though NAT was what was used for the local network. I tried changing everything in hls.conf to =ON but I still lost connectivity between the two servers when I called
Code:
homeLANsecurity load
I saved the default iptable from the web server (only slightly older version of Ubuntu - 11.04 versus 11.10) and restored it to the application server. Could not longer connect to the php files on the app. server from the web server although I could ping both ways. I entered
Code:
/sbin/iptables -A INPUT -s 192.168.X.X -j ACCEPT
but still couldn't connect until I shut the app. server down and restarted it. Tomorrow I might try doing that with the homeLANsecurity stuff.
Thanks,
Peter.
Last edited by OtagoHarbour; 11-10-2011 at 11:03 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.