Originally Posted by paranoid times
I'm looking for a way to add a rule that would whitelist my IP address when I log in with SSH. I can grab the IP out of the SSH_CONNECTION variable, however I'm not sure how I could add it into iptables with my non-root privileged user. I've got root access, but I want the process to be automatic. I considered sudo, however I don't want normal users to be able to modify anything about iptables, though perhaps there is a trick about it that I don't know which would only allow it in the /etc/profile or the like.
Any ideas on how I could do this?
Just make sure only you have access to /sbin/iptables as a sudo user.
Yes, the command can be added in your .bash_profile
# Cmnd alias specification
Cmnd_Alias IPTABLES = /sbin/iptables
# User privilege specification
username ALL = NOPASSWD: IPTABLES
Then just add the relevant command to .bash_profile or startup file of your choice.
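An added example, not part of the original posts: the sudoers entry above lets that user run iptables with any arguments, so a narrower option is to grant sudo on a root-owned wrapper that accepts one validated IPv4 address and adds a single fixed rule. The wrapper path `/usr/local/sbin/ssh-allow-ip`, the function names, and the choice of an ACCEPT rule for TCP port 22 in the INPUT chain are assumptions for illustration.

```shell
#!/bin/sh
# Hypothetical wrapper, e.g. /usr/local/sbin/ssh-allow-ip (owner root, mode 0755).
# sudoers would name this script instead of /sbin/iptables, for example:
#   username ALL = NOPASSWD: /usr/local/sbin/ssh-allow-ip
# sudo resets the environment by default, so the IP arrives as an argument.

# Return 0 only for a dotted-quad IPv4 address with each octet in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split on dots (digits only here)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac  # no leading zeros
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the only rule arguments this wrapper will ever hand to iptables.
# Chain, port and target are assumed values; adjust to the local policy.
rule_args() {
    printf '%s' "INPUT -s $1/32 -p tcp --dport 22 -j ACCEPT"
}

# Validate, skip if the rule already exists (-C), otherwise insert it (-I).
allow_ip() {
    valid_ipv4 "$1" || { echo "refusing: not an IPv4 address" >&2; return 2; }
    args=$(rule_args "$1")
    # Word-splitting $args is safe: validated digits and dots plus fixed text.
    /sbin/iptables -C $args 2>/dev/null || /sbin/iptables -I $args
}

# The login file would call:
#   sudo /usr/local/sbin/ssh-allow-ip "${SSH_CONNECTION%% *}"
if [ $# -gt 0 ]; then
    allow_ip "$1"
fi
```
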