Restricting IPs to access DB Port 1521?
I have a RHEL machine which has port 1521 active. All I want is to restrict certain IPs like 10.14.236.140/141/142/143 to access this DB port. Can anyone suggest how to do that? If I need to write a script, can anyone help me with the same?
Also, it would be good to restrict those machines by hostname (if possible) |
You could write some iptables rules to do this: personally I prefer to install Firestarter, which is a nice, simple GUI front-end to iptables firewalls and makes life soooo much simpler. (As long as you're not configuring a router with 3 NICs, or something complicated, which it seems you're not).
Hostname/IP restrictions are all there, and it's got a good log for firewall violations as well, which I like. Hope this helps, from a fellow Oracle DBA!! ;) |
Firewall.
# Allow access on the server RHEL Machine from certain machines on the local network.
-A INPUT -s 10.14.236.140/143 -p tcp -m tcp --dport 1521 -m state --state NEW -j ACCEPT

The idea about using hostname isn't really good because the hostname could be changed. |
Thanks AleLinuxBSD,
Will this rule only allow those IPs? (Is 140/143 the correct way to give a range of IPs?) What if I want to provide a hostname restriction? |
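On the range question above, as an added example that is not part of any poster's reply: an IPv4 prefix length cannot exceed 32, so this sketch checks a `-s` value, turns a first/last address pair into the CIDR blocks that cover exactly that range, and prints iptables-save style rules that accept the range and drop all other sources for port 1521. The function names are hypothetical, and it assumes the ruleset already accepts ESTABLISHED,RELATED traffic earlier in the INPUT chain.

```python
import ipaddress

DB_PORT = 1521  # Oracle listener port from the thread


def parse_source(spec):
    """Return the network an '-s addr/len' value covers, or None if invalid."""
    try:
        # strict=False: host bits are masked off instead of being an error
        return ipaddress.ip_network(spec, strict=False)
    except ValueError:
        return None  # e.g. a prefix length above 32


def range_to_cidrs(first, last):
    """Smallest list of CIDR blocks covering first..last inclusive."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))


def build_rules(first, last, port=DB_PORT):
    """Rule lines: accept new connections from the range, drop the rest."""
    rules = [
        f"-A INPUT -s {net} -p tcp -m tcp --dport {port} "
        "-m state --state NEW -j ACCEPT"
        for net in range_to_cidrs(first, last)
    ]
    # Assumption: an earlier rule accepts ESTABLISHED,RELATED packets,
    # otherwise this DROP would also cut off the allowed hosts' sessions.
    rules.append(f"-A INPUT -p tcp -m tcp --dport {port} -j DROP")
    return rules


if __name__ == "__main__":
    # The value from the posted rule does not parse as a network.
    print("10.14.236.140/143 ->", parse_source("10.14.236.140/143"))
    for line in build_rules("10.14.236.140", "10.14.236.143"):
        print(line)
```

A range that does not fall on a power-of-two boundary comes out as several blocks, and each one gets its own ACCEPT line ahead of the DROP.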