* Limit access to one subnet?
From: Jason Luka @ 2005-09-15 15:51 UTC
To: netfilter

I'm trying to figure out how to allow only 141.225.x.x to access port 8080
on a server. It's a proxy server and obviously I don't want anyone outside
of campus to be able to access it.

* Re: Limit access to one subnet?
From: Edmundo Carmona @ 2005-09-15 16:58 UTC
To: netfilter

on the server:

iptables -A INPUT -s 141.225/16 -p tcp --dport 8080 -j ACCEPT
iptables -P INPUT DROP

Use with care.

On 9/15/05, Jason Luka <jluka@geshp.com> wrote:
> I'm trying to figure out how to allow only 141.225.x.x to access port 8080
> on a server. It's a proxy server and obviously I don't want anyone outside
> of campus to be able to access it.

* Re: Limit access to one subnet?
From: Sai Kiran @ 2005-09-16 13:08 UTC
To: eantoranz; +Cc: netfilter

hi,

don't forget

iptables -I INPUT -i lo -j ACCEPT

>
> iptables -A INPUT -s 141.225/16 -p tcp --dport 8080 -j ACCEPT
> iptables -P INPUT DROP

* Re: Limit access to one subnet?
From: Edmundo Carmona @ 2005-09-16 14:14 UTC
To: netfilter

That's what I meant when I said to use with care. He has to figure out
the "exact" way the firewall has to be set. If he only used those two
rules I wrote before... He'll have jumped into a deep pond of S&/T... so
to speak. :-)

On 9/16/05, Sai Kiran <saikiranrgda@gmail.com> wrote:
> hi,
>
> don't forget
>
> iptables -I INPUT -i lo -j ACCEPT
>
> >
> > iptables -A INPUT -s 141.225/16 -p tcp --dport 8080 -j ACCEPT
> > iptables -P INPUT DROP

[parent not found: <200509161533.j8GFXMLw004847@narya.memphis.edu>]
* Re: Limit access to one subnet?
From: Edmundo Carmona @ 2005-09-16 15:40 UTC
To: netfilter

Hey... but that's the thing about the firewall... you can always open
the ssh port on the LAN side of your box... so it's not available on
the internet... and so you don't have to be really in front of that box...
and at the same time protect it from outside people.

On 9/16/05, Jason Luka <jluka@geshp.com> wrote:
> Yeah, I got it working right. I just needed the help because if I screwed
> it up, I'd actually have to put a monitor and keys on the server, but yeah
> it works right. The timing was good too, a hacker hit some of our machines
> last night.

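
The points raised across the replies (loopback, keeping SSH reachable from the LAN side, default-drop INPUT) combined into one ruleset with a pre-load check for the lock-out case. This is an added example, not code from any poster in the thread. Assumptions: `MGMT_NET` and `SSH_PORT` are placeholders, the ESTABLISHED,RELATED rule is added so replies to the proxy's own outbound connections are not dropped, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Builds an iptables-restore ruleset and
# lints it for the lock-out case before applying.
CAMPUS_NET="141.225.0.0/16"            # from the thread (141.225.x.x)
PROXY_PORT=8080                        # from the thread
MGMT_NET="${MGMT_NET:-192.0.2.0/24}"   # ASSUMPTION: placeholder for the LAN allowed to SSH
SSH_PORT="${SSH_PORT:-22}"             # ASSUMPTION: sshd on the default port

# Print the filter table. Only INPUT is restricted, as in the thread.
build_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $MGMT_NET -p tcp --dport $SSH_PORT -j ACCEPT
-A INPUT -s $CAMPUS_NET -p tcp --dport $PROXY_PORT -j ACCEPT
COMMIT
EOF
}

# Return 0 if safe to load; 1 if loopback is missing, 2 if no SSH rule exists.
check_ruleset() {
    case $1 in
        *":INPUT DROP"*) ;;          # default-drop: the checks below matter
        *) return 0 ;;               # not default-drop: nothing to check here
    esac
    printf '%s\n' "$1" | grep -q -e '^-A INPUT -i lo -j ACCEPT$' || {
        echo "refusing: no loopback ACCEPT" >&2; return 1; }
    printf '%s\n' "$1" | grep -q -e "^-A INPUT .*--dport $SSH_PORT -j ACCEPT\$" || {
        echo "refusing: no SSH ACCEPT, remote access would be lost" >&2; return 2; }
    return 0
}

# Run as "script apply" (root). iptables-restore replaces the whole filter
# table in one commit; --test parses the rules without committing them.
if [ "${1:-}" = "apply" ]; then
    rules=$(build_ruleset)
    check_ruleset "$rules" || exit 1
    printf '%s\n' "$rules" | iptables-restore --test || exit 1
    printf '%s\n' "$rules" | iptables-restore
fi
```

Fed the thread's original two rules as a table, `check_ruleset` returns 1, which is the situation "Use with care" refers to.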