Quote:
Originally Posted by chrism01
Something like
Code:
iptables -I INPUT -s 192.168.1.10 -p tcp --dport 8080 -j ACCEPT
iptables -I INPUT -s 10.254.14.16 -p tcp --dport 8080 -j ACCEPT
iptables -I INPUT -p tcp --dport 8080 -j DROP
Untested !
You've got the order of your rules inverted. Since you're inserting instead of appending, that last command would create the first rule in the chain, thereby sending all port 8080/TCP packets to DROP. Basically, you should instead have something like:
Code:
iptables -I INPUT -p tcp --dport 8080 -j DROP
iptables -I INPUT -s 192.168.1.10 -p tcp --dport 8080 -j ACCEPT
iptables -I INPUT -s 10.254.14.16 -p tcp --dport 8080 -j ACCEPT
Quote:
Originally Posted by netxus
Hi..
Can anyone help me? I have set up my Linux Fedora server and I want to restrict access to my server. Basically I control it using iptables. I'm not sure how to write iptables rules to drop all connections to port 8080 and allow only certain IPs to access the instance on port 8080, for example ip=10.254.14.16,192.168.1.10.
Are you sure you only want to filter port 8080/TCP?
That's what the rules above do, but it's a better idea to filter everything (IMO, at least).
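The ordering point made in the reply above, as an added example that is not part of the original thread: a small shell model of first-match evaluation that can be run without root or iptables. The function names, the `any` wildcard and the test address 203.0.113.7 are assumptions made for this illustration.

```shell
#!/bin/sh
# Toy model of one iptables chain (constructed for illustration, not iptables itself).
# Each rule is a line "SRC DPORT TARGET"; SRC "any" matches every source address.
CHAIN=""

rule_insert() {   # models `iptables -I INPUT ...`: the new rule becomes rule 1
    if [ -z "$CHAIN" ]; then CHAIN="$1 $2 $3"; else CHAIN="$1 $2 $3
$CHAIN"; fi
}

rule_append() {   # models `iptables -A INPUT ...`: the new rule goes last
    if [ -z "$CHAIN" ]; then CHAIN="$1 $2 $3"; else CHAIN="$CHAIN
$1 $2 $3"; fi
}

verdict() {       # verdict SRC DPORT [POLICY]: the first matching rule wins
    while read -r src port target; do
        [ "$port" = "$2" ] || continue
        if [ "$src" = any ] || [ "$src" = "$1" ]; then
            echo "$target"; return 0
        fi
    done <<EOF
$CHAIN
EOF
    echo "${3:-ACCEPT}"   # no rule matched: the chain policy applies
}

load_quoted_order() {     # the three -I commands in the order quoted first
    CHAIN=""
    rule_insert 192.168.1.10 8080 ACCEPT
    rule_insert 10.254.14.16 8080 ACCEPT
    rule_insert any 8080 DROP
}

load_corrected_order() {  # the three -I commands in the order given in the reply
    CHAIN=""
    rule_insert any 8080 DROP
    rule_insert 192.168.1.10 8080 ACCEPT
    rule_insert 10.254.14.16 8080 ACCEPT
}

load_quoted_order
echo "quoted order,    192.168.1.10:8080 -> $(verdict 192.168.1.10 8080)"
load_corrected_order
echo "corrected order, 192.168.1.10:8080 -> $(verdict 192.168.1.10 8080)"
echo "corrected order, 203.0.113.7:8080  -> $(verdict 203.0.113.7 8080)"
echo "policy DROP,     203.0.113.7:22    -> $(verdict 203.0.113.7 22 DROP)"
```

The optional third argument to `verdict` stands in for the chain policy (`iptables -P INPUT`), which is what decides traffic to ports the 8080 rules never mention.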