[Wylug-help] simple iptables rule
John Hodrien
johnh at comp.leeds.ac.uk
Tue Feb 15 17:44:00 GMT 2005
On Tue, 15 Feb 2005, John Hodrien wrote:
> On Tue, 15 Feb 2005, Gary Stainburn wrote:
>
>> Hi folks.
>>
>> I've got a RH7.3+errata box with eth1 visible to the internet. eth0 is
>> internal.
>>
>> What do I need to put where so that iptables limits access to eth1 to 1
>> specifc IP address while not affecting eth0 at all.
>
> iptables -i eth1 -s !specific.ip.add.ress -j DROP
> iptables -o eth1 -d !specific.ip.add.ress -j DROP
You'd need a space between the ! and the s if you used that one.
jh
--
"Madam, you have between your legs an instrument capable of giving pleasure to
thousands - and all you can do is scratch it."
-- Sir Thomas Beecham (to a cellist)
More information about the Wylug-help
mailing list