[H-GEN] IPTables problem
Harry Phillips
harry at tux.com.au
Mon Jul 19 06:36:19 EDT 2004
Harry Phillips wrote:
>
> iptables -A INPUT -d $EXT_IF -s $MYIP -p tcp --syn --destination-port 22 -j ACCEPT
> iptables -A INPUT -d $EXT_IF -j DROP
>
Ok I worked it out:
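# Address of the ADSL modem and the internal network
EXT_IP="xxx.xxx.xxx.xxx"
INT_NW="192.168.1.0/24"
IPTABLES="/sbin/iptables"
# Accept new SSH connections (TCP SYN to port 22) from the internal network
$IPTABLES -A INPUT -s $INT_NW -p tcp --syn --dport 22 -j ACCEPT
# Drop new SSH connections from every source other than $EXT_IP
$IPTABLES -A INPUT -s ! $EXT_IP -p tcp --syn --dport 22 -j DROP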
That makes it so that it will accept connections from the internal
network and drop everything else except the IP address of my ADSL modem.
--
Regards,
Harry Phillips
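
Added example, not part of the original post: a small first-match model of the two INPUT rules above, useful for checking which sources each rule catches before loading them. The EXT_IP value is a constructed placeholder for the elided address, and the chain policy (the hypothetical `policy` parameter, defaulting to ACCEPT) is an assumption because the post does not state it.

```python
import ipaddress

EXT_IP = "203.0.113.10"    # constructed placeholder for xxx.xxx.xxx.xxx
INT_NW = "192.168.1.0/24"  # value from the post

# Each rule: (source network, negate the source match?, dest port, target)
RULES = [
    (INT_NW, False, 22, "ACCEPT"),       # -s $INT_NW   --dport 22 -j ACCEPT
    (EXT_IP + "/32", True, 22, "DROP"),  # -s ! $EXT_IP --dport 22 -j DROP
]


def verdict(src, dport, syn=True, policy="ACCEPT"):
    """Return the target of the first matching rule, else the chain policy.

    `policy` is an assumption: the post does not say what the INPUT
    chain policy is or which rules follow these two.
    """
    addr = ipaddress.ip_address(src)
    for net, negate, port, target in RULES:
        src_match = addr in ipaddress.ip_network(net)
        if negate:
            src_match = not src_match
        # Both rules carry -p tcp --syn, so only connection-opening
        # packets to the listed port can match.
        if syn and dport == port and src_match:
            return target
    return policy  # nothing matched: the chain policy decides


if __name__ == "__main__":
    # Constructed sample packets: (source, dest port, SYN set?)
    samples = [
        ("192.168.1.50", 22, True),   # internal host
        ("198.51.100.7", 22, True),   # unrelated external host
        (EXT_IP, 22, True),           # the excepted address
        ("198.51.100.7", 22, False),  # non-SYN packet
    ]
    for src, dport, syn in samples:
        print(f"{src:>15} dport={dport} syn={syn} -> {verdict(src, dport, syn)}")
```

In this model a packet from EXT_IP matches neither rule, so its fate depends on the chain policy or on whatever rules follow.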