Linux Netfilter discussions
* Limit access to one subnet?
@ 2005-09-15 15:51 Jason Luka
  2005-09-15 16:58 ` Edmundo Carmona
  0 siblings, 1 reply; 5+ messages in thread
From: Jason Luka @ 2005-09-15 15:51 UTC
  To: netfilter

I'm trying to figure out how to allow only 141.225.x.x to access port 8080
on a server.  It's a proxy server and obviously I don't want anyone outside
of campus to be able to access it.




* Re: Limit access to one subnet?
  2005-09-15 15:51 Limit access to one subnet? Jason Luka
@ 2005-09-15 16:58 ` Edmundo Carmona
  2005-09-16 13:08   ` Sai Kiran
  0 siblings, 1 reply; 5+ messages in thread
From: Edmundo Carmona @ 2005-09-15 16:58 UTC
  To: netfilter

on the server:

iptables -A INPUT -s 141.225.0.0/16 -p tcp --dport 8080 -j ACCEPT
iptables -P INPUT DROP

Use with care.

On 9/15/05, Jason Luka <jluka@geshp.com> wrote:
> I'm trying to figure out how to allow only 141.225.x.x to access port 8080
> on a server.  It's a proxy server and obviously I don't want anyone outside
> of campus to be able to access it.
> 
> 
>



* Re: Limit access to one subnet?
  2005-09-15 16:58 ` Edmundo Carmona
@ 2005-09-16 13:08   ` Sai Kiran
  2005-09-16 14:14     ` Edmundo Carmona
  0 siblings, 1 reply; 5+ messages in thread
From: Sai Kiran @ 2005-09-16 13:08 UTC
  To: eantoranz; +Cc: netfilter

hi,

don't forget 

iptables -I INPUT -i lo -j ACCEPT

> 
> iptables -A INPUT -s 141.225.0.0/16 -p tcp --dport 8080 -j ACCEPT
> iptables -P INPUT DROP



* Re: Limit access to one subnet?
  2005-09-16 13:08   ` Sai Kiran
@ 2005-09-16 14:14     ` Edmundo Carmona
       [not found]       ` <200509161533.j8GFXMLw004847@narya.memphis.edu>
  0 siblings, 1 reply; 5+ messages in thread
From: Edmundo Carmona @ 2005-09-16 14:14 UTC
  To: netfilter

That's what I meant when I said to use with care. He has to figure out
the "exact" way the firewall has to be set. If he only used those two
rules I wrote before... He'll have jumped into a deep pond of S&/T...
so to speak. :-)

On 9/16/05, Sai Kiran <saikiranrgda@gmail.com> wrote:
> hi,
> 
> don't forget
> 
> iptables -I INPUT -i lo -j ACCEPT
> 
> >
> > iptables -A INPUT -s 141.225.0.0/16 -p tcp --dport 8080 -j ACCEPT
> > iptables -P INPUT DROP
>



* Re: Limit access to one subnet?
       [not found]       ` <200509161533.j8GFXMLw004847@narya.memphis.edu>
@ 2005-09-16 15:40         ` Edmundo Carmona
  0 siblings, 0 replies; 5+ messages in thread
From: Edmundo Carmona @ 2005-09-16 15:40 UTC
  To: netfilter

Hey... but that's the thing about the firewall... you can always open
the ssh port on the LAN side of your box... so it's not available on
the internet... and so you don't have to be really in front of that box...
and at the same time protect it from outside people.

On 9/16/05, Jason Luka <jluka@geshp.com> wrote:
> Yeah, I got it working right.  I just needed the help because if I screwed
> it up, I'd actually have to put a monitor and keys on the server, but yeah
> it works right.  The timing was good too, a hacker hit some of our machines
> last night.
> 
> 
>
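
Added example (not from any message in this thread): the rules discussed above, combined into one ruleset for iptables-restore, which loads the table in a single commit so the DROP policy never takes effect without its ACCEPT rules. The ESTABLISHED,RELATED rule (needed so replies to the proxy's own outbound connections get back in), ssh on port 22, and the 192.168.1.0/24 LAN are assumptions.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset that lets one subnet
# reach one TCP port, with the loopback and ssh rules the thread mentions.

# valid_cidr4 A.B.C.D/N -> status 0 only for four octets 0-255 and prefix 0-32.
# Short forms such as 141.225/16 are rejected; write the full 141.225.0.0/16.
valid_cidr4() {
    case $1 in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; bits=${1#*/}
    case $addr in ''|*[!0-9.]*) return 1 ;; esac
    case $bits in ''|*[!0-9]*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in '') return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# gen_ruleset SUBNET PORT MGMT_SUBNET -> ruleset on stdout, status 1 on bad input.
# MGMT_SUBNET is a hypothetical parameter: the LAN allowed to reach ssh.
gen_ruleset() {
    valid_cidr4 "$1" && valid_cidr4 "$3" || { echo "bad CIDR" >&2; return 1; }
    case $2 in ''|*[!0-9]*) echo "bad port" >&2; return 1 ;; esac
    [ "$2" -ge 1 ] && [ "$2" -le 65535 ] || { echo "bad port" >&2; return 1; }
    # FORWARD and OUTPUT stay at ACCEPT: the thread only discusses INPUT.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $3 -p tcp --dport 22 -j ACCEPT
-A INPUT -s $1 -p tcp --dport $2 -j ACCEPT
COMMIT
EOF
}

# Constructed sample call: subnet and port from the thread, LAN value made up.
gen_ruleset 141.225.0.0/16 8080 192.168.1.0/24
```

Save the output to a file, review it, and load it as root with `iptables-restore < file`.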

