LinuxQuestions.org
Old 11-19-2011, 03:22 AM   #1
shipon_97
Allow more than one ip through specific port ?


Friends,

I can allow only one IP through a specific port in the below way:

iptables -I INPUT \! --src 192.168.0.1 -m tcp -p tcp --dport 3000 -j DROP

But now, if I want to apply the above restriction to more than one IP (like 0.1, 0.2, 0.3) and reject all other IPs, how can I write the above rules?

Please help ...
 
Old 11-19-2011, 03:32 AM   #2
fukawi1
You can do it using the iprange module...

Quote:
iprange match options:
[!] --src-range ip[-ip] Match source IP in the specified range
[!] --dst-range ip[-ip] Match destination IP in the specified range
 
Old 11-19-2011, 05:16 AM   #3
unSpawn
...and another option could be to use the "recent" module and then echo IP addresses into /etc/proc/net/ipt_recent/${LISTNAME}. 'man iptables' (search for "recent") for details.
 
Old 11-20-2011, 01:14 AM   #4
shipon_97
Block a port for specific ips!

Thanks fukawi1...

I gave the below command to enable a series of IPs to browse using port 3000:

"iptables -A INPUT -m iprange --src-range 192.168.0.36-192.168.0.56 -p tcp --dport 3000 -j ACCEPT"

But it is not working. Using the above rule, everybody can use port 3000. But if I use the below:

"iptables -A INPUT -m iprange --src-range 192.168.0.36-192.168.0.56 -p tcp --dport 3000 -j REJECT"
Then it's working; the above IPs are not connected with port 3000 for the 36 to 56 IP range.

Actually I want the first condition above, where I can accept a few IPs (like 192.168.0.2, 192.168.0.30, 192.168.0.34) and reject all other IPs. Would you please help me by giving an example?
I am grateful to you ...
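
An ACCEPT rule only restricts a port when a later rule in the chain, or the chain policy, rejects everything the ACCEPT did not match. The script below is an added example, not code from any poster in this thread: it prints the rules for a per-port allowlist in the order they must be evaluated. The chain name PORT_ALLOW and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. Prints (does not run) the iptables
# commands for a per-port source allowlist. PORT_ALLOW is a made-up chain name.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case $1 in
        '' | *[!0-9.]* | *..* | .* | *.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# allowlist_rules PORT IP...: validate everything, then emit rules in order.
allowlist_rules() {
    port=$1
    case $port in
        '' | *[!0-9]* | ??????*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
        { echo "bad port: $port" >&2; return 1; }
    shift
    [ $# -ge 1 ] || { echo "need at least one source IP" >&2; return 1; }
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 1; }
    done
    # Build the chain fully before hooking it in, so there is no half-built state.
    echo "iptables -N PORT_ALLOW"
    for ip in "$@"; do
        echo "iptables -A PORT_ALLOW -s $ip -j ACCEPT"
    done
    # Catch-all: the first matching rule wins, so this only sees sources
    # that none of the ACCEPT rules above matched.
    echo "iptables -A PORT_ALLOW -j REJECT"
    # Insert at the top of INPUT so no earlier rule accepts the port first.
    echo "iptables -I INPUT -p tcp --dport $port -j PORT_ALLOW"
}

# Constructed sample input: the port and addresses from the question above.
allowlist_rules 3000 192.168.0.2 192.168.0.30 192.168.0.34
```

Review the printed commands, then pipe them to sh as root to apply them.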
 
  

