|
setting up iptables
G'day
I'm new to linux and have a linux server that I want to setup with iptables. My server is in one country while I am in another. I want to secure it for my PC and the DC to have shell access only. It is a web server so the hosted web pages also need to be able to be viewed. It is shell access that I want to limit. I have read some tutorials and am confused with the amount of info out there. Any help would be an advantage. Later Mydal |
I don't quite understand what you are saying. You want to set up a web server and nothing else right? You want shell access but you want to restrict it?
|
Ok... sorry 'bout not being clear. :newbie:
I have a server which has a number of sites on it. I want to set it up so as to set the ip addresses which will be able to login to root, ie. admin and the dc. Any IP's other than those listed will not be able to gain root access. Otherwise the server is running as a normal web server, with sites on it which are viewable by all and sundry in the usual way of web sites. So, any helpful hints or links you have about setting up IP tables which could help out would be appreciated, as I don't really want to lock everyone out whilst i learn by trial and error (not in this instance, anyhow!) :o Thanks |
if the IP addresses are static this is trivially easy:
iptables -A INPUT -p tcp --dport 22 -s <ip#1> -j ACCEPT iptables -A INPUT -p tcp --dport 22 -s <ip#2> -j ACCEPT .... (continue as needed for all IP's) .... #iptables -A INPUT -p tcp --dport 22 -s <ip>/<mask> -j ACCEPT #above is alternative to allow a whole range iptables -A INPUT -p tcp --dport 22 -j DROP iptables will then proceed to try and match line by line a given IP connecting to port 22(ssh port) and deny it if it's not allowed explicitly. repeat the same for port 80 if needed to filter html traffic... |
| All times are GMT -5. The time now is 07:32 AM. |