iptables

iptables -I INPUT -s xxx.xxx.xxx.xxx -j DROP

Insert (-I) a rule at the top of the INPUT chain that matches source (-s) IP xxx.xxx.xxx.xxx and jumps (-j) to the DROP target

iptables -L INPUT

List the entries in the INPUT chain

iptables -F INPUT

Flush the INPUT chain

iptables -L -n

List with numeric IP addresses and ports instead of resolved host and service names

iptables-save > /etc/iptables.conf

Saves the current rules to /etc/iptables.conf

iptables-restore < /etc/iptables.conf

Restores the rules from /etc/iptables.conf

Using as a firewall

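Use the OUTPUT chain to drop all outgoing requests to port 80 (the second rule does the same for port 443). These are rule lines in iptables-save format, as found in the saved rules file: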

  -A OUTPUT -p tcp -m tcp --dport 80 -j DROP
  -A OUTPUT -p tcp -m tcp --dport 443 -j DROP

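Then accept the IPs that you want. Rules are evaluated top to bottom and the first match wins, so in the rules file the ACCEPT line has to sit above the DROP lines: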

  -A OUTPUT -s 217.158.112.246 -d 212.118.245.130 -p tcp -m tcp --dport 80 -j ACCEPT

Adding on command line

iptables -I OUTPUT -s 217.158.112.246 -d destinationIP -p tcp --dport 80 -j ACCEPT
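
The egress allowlist above as a generated rules file, with the ACCEPT rules placed before the DROP rules. This is an added example, not part of the original page: the function names are hypothetical, and allowing port 443 as well as port 80 for each destination is an assumption.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset for the egress allowlist.
# Function names are hypothetical; the addresses are the ones used on this page.

# is_ipv4 ADDR: succeed only for a dotted quad with each octet in 0..255,
# so nothing but an address can end up in the generated rules.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_egress_rules SRC DST...: print a *filter ruleset in which the ACCEPT
# rules for each allowed destination come before the port 80/443 DROP rules.
# iptables stops at the first matching rule, so the order is what makes
# the allowlist effective.
gen_egress_rules() {
    src=$1; shift
    is_ipv4 "$src" || { echo "bad source: $src" >&2; return 1; }
    for dst in "$@"; do
        is_ipv4 "$dst" || { echo "bad destination: $dst" >&2; return 1; }
    done
    echo '*filter'
    for dst in "$@"; do
        for port in 80 443; do
            echo "-A OUTPUT -s $src -d $dst -p tcp -m tcp --dport $port -j ACCEPT"
        done
    done
    echo '-A OUTPUT -p tcp -m tcp --dport 80 -j DROP'
    echo '-A OUTPUT -p tcp -m tcp --dport 443 -j DROP'
    echo 'COMMIT'
}

# Print the ruleset for the source/destination pair from this page.
gen_egress_rules 217.158.112.246 212.118.245.130
```

Pipe the output to `iptables-restore --test` to have it parsed without being committed. A plain `iptables-restore` replaces the current contents of the filter table unless `--noflush` is given.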
 
iptables.txt · Last modified: 2009/04/21 09:12 (external edit)
 