how do i get full ssh block accept my ip adresses
the topic sais it all,
how to i block full access on SSH accept a coupleo f ip adresses and save this on IPTables for restoring afther reboot.?? please help me whit thisone thanks. |
Your title does not say it all. I'm sure it's a simple language issue, but you mean except, not accept, and within iptables they mean very different things. And you've not said what distro your using or firewall management tool to know how to best achieve this.
Basically within iptables you would probably just want to add something like iptables -A INPUT -p tcp -s a.b.c.d -dport 22 -m state -state NEW -j ACCEPT Assuming that the rest of your firewall handles established connections generically and such. |
Quote:
iptables -A INPUT -p tcp -s a.b.c.d, a.b.c.d, a.b.c.d -dport 22 -m state -state NEW -j ACCEPT |
Quote:
Code:
iptables -A INPUT -p TCP -m iprange --src-range a.b.c.d-w.x.y.z \ |
If you aren't wedded to iptables, you may find it simpler to simple add these IPs to sshd_config. Something like
AllowUsers *@123.456.78.90 *@098.765.43.21 *@192.168.0.* etc. |
yess
yes and now i need to block / drop every other incoming and outgoing connections,
assuming the inserted ip's will be accepted. |
thanks in advanced
|
and howto restore this atfher reboot, i try iptables-save but afther reboot it's config is gone
|
it's a debian machine there is no /etc/init.d/iptables
command not found |
All times are GMT -5. The time now is 07:09 AM. |