LinuxQuestions.org
01-16-2006, 09:09 AM   #1
flibby

Need help setting up an ACL

Hello there,

I have to set up an ACL on my SuSE 9.1 machine using iptables. Unfortunately I have no idea how to do this. It would be very kind if someone could help me with that.

OK here it goes:

I have a small network with some clients and my SuSE server. I want to allow the client 192.168.1.15 to access the SuSE server (IP: 192.168.1.1) using HTTP, HTTPS, FTP, SSH, SSL. Everything else should be denied; also, all other clients should be totally locked out from the server.

I think it works something like this:

source 192.168.1.15 destination 192.168.1.1 allow HTTP HTTPS FTP SSH SSL
source any destination 192.168.1.1 deny any

Now it allows the one client only, and blocks all others. But what about the replies of the server which are being sent to the client which is permitted? Do I have to permit them too?

Thanks for your help!

Last edited by flibby; 01-16-2006 at 09:11 AM.
 
01-16-2006, 04:31 PM   #2
Krugger

You should read through the man pages:

#flush
iptables -F INPUT

#set default
iptables -P INPUT DROP

#rule - accept things from that ip for any of the following ports...
iptables -A INPUT -p tcp -s 192.168.1.15 -m multiport --dports "www,https,ftp,ftp-data,ssh" -j ACCEPT
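
On the reply question from post #1, as an added example that is not part of any post in this thread: rules that restrict only the INPUT chain leave the OUTPUT policy untouched, so replies go out if that policy is ACCEPT; the script below also sets OUTPUT to DROP and admits replies by connection state. The function names, the file name, the numeric ports (an assumed mapping of FTP, SSH, HTTP and HTTPS/SSL) and the choice of the `state` match are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): print an iptables-restore ruleset.
# Port numbers are an assumed mapping of FTP, SSH, HTTP and HTTPS/SSL.

# Accept only dotted-quad IPv4 so arguments cannot smuggle extra rule text.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

build_ruleset() {
    client=$1; server=$2
    if ! is_ipv4 "$client" || ! is_ipv4 "$server"; then
        echo "usage: build_ruleset CLIENT_IP SERVER_IP" >&2
        return 2
    fi
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Loopback: local daemons talking to each other
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Later packets of accepted connections; RELATED covers FTP data
# channels when the FTP connection-tracking helper module is loaded
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# New connections: only this client, only these TCP ports
-A INPUT -p tcp -s $client -d $server -m state --state NEW -m multiport --dports 21,22,80,443 -j ACCEPT
# Replies: the server may answer what INPUT accepted, never initiate
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset when called with two addresses, e.g. (hypothetical file name)
#   sh acl.sh 192.168.1.15 192.168.1.1
if [ $# -eq 2 ]; then
    build_ruleset "$1" "$2"
fi
```

Piping the output to `iptables-restore --test` parses the rules without committing them.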
 
01-16-2006, 07:48 PM   #3
tkedwards

You might find it easier to use a configuration program for iptables, e.g. shorewall, guarddog or firestarter.
 
01-17-2006, 10:21 PM   #4
~=gr3p=~

Hi, I always recommend visiting this site to get started with iptables:

http://www.linuxhomenetworking.com/w...Using_iptables
 
  

