iptables - Firewalls


Thread: iptables

  1. iptables

    Anyone using iptables under Linux as a whitelist filter?

    For example,

    iptables -A INPUT -t filter -s ! 208.201.239.36 -p tcp --dport 23 -j DROP


    what else do I need to do to make that work?

  2. Re: iptables

    On Mon, 05 Feb 2007, in the Usenet newsgroup comp.security.firewalls, in article
    , Rick Merrill wrote:

    >Anyone using iptables under Linux as a whitelist filter?

    Lots of people

    >For example,
    >
    >iptables -A INPUT -t filter -s ! 208.201.239.36 -p tcp --dport 23 -j DROP


    OK - what is the matter with changing that to be an ALLOW, and having the
    default rules set to DENY as they should be? Alternately, ALLOW that
    address and port, and _then_ DENY the port in a later rule.

    >what else do I need to do to make that work?


    http://www.netfilter.org/documentation/HOWTO/

    [TXT] netfilter-extensions-HOWTO.txt 24-Dec-2006 16:06 79K
    [TXT] networking-concepts-HOWTO.txt 24-Dec-2006 16:06 28K
    [TXT] packet-filtering-HOWTO.txt 24-Dec-2006 16:06 52K

    That's actually where 'http://www.iptables.org/documentation/HOWTO/'
    redirects to now. The documents are a bit older than that. You can also
    look at the various HOWTOs that should be part of your system - the
    "Security-Quickstart-HOWTO" gives a very good set of explanations.

    Old guy
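
The reply's second suggestion (accept the permitted address on the port, then drop the port in a later rule), as an added example that is not part of the original thread; iptables spells these targets ACCEPT and DROP. The function names `is_ipv4` and `whitelist_rules` and the second sample address are assumptions made here, and the script prints the commands rather than running them.

```shell
#!/bin/sh
# Added example: build a first-match whitelist for one TCP port.
# It prints the iptables commands instead of running them, so the rule
# order can be reviewed before anything touches the live rule set.

# is_ipv4 ADDR: succeed if ADDR is a dotted quad, optionally with /0-32.
is_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) mask=${1#*/}
             case $mask in ''|*[!0-9]*|???*) return 1 ;; esac
             [ "$mask" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split into octets; safe, only digits and dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# whitelist_rules PORT ADDR...: print ACCEPT rules, then the DROP for PORT.
whitelist_rules() {
    port=${1:-}
    case $port in ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 2 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 2; }
    shift
    [ $# -ge 1 ] || { echo "no allowed address given" >&2; return 2; }
    # Validate every address first: a typo must not yield a partial rule set.
    for src in "$@"; do
        is_ipv4 "$src" || { echo "bad address: $src" >&2; return 2; }
    done
    for src in "$@"; do
        echo "iptables -A INPUT -s $src -p tcp --dport $port -j ACCEPT"
    done
    # Appended last: only reached by sources that no ACCEPT rule matched.
    echo "iptables -A INPUT -p tcp --dport $port -j DROP"
}

# Constructed sample: the address from the thread plus a documentation range.
whitelist_rules 23 208.201.239.36 192.0.2.0/24
```
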


  3. Re: iptables

    Moe Trin wrote:
    > On Mon, 05 Feb 2007, in the Usenet newsgroup comp.security.firewalls, in article
    > , Rick Merrill wrote:
    >
    >> Anyone using iptables under Linux as a whitelist filter?
    >
    > Lots of people
    >
    >> For example,
    >>
    >> iptables -A INPUT -t filter -s ! 208.201.239.36 -p tcp --dport 23 -j DROP

    >
    > OK - what is the matter with changing that to be an ALLOW, and having the
    > default rules set to DENY as they should be? Alternately, ALLOW that
    > address and port, and _then_ DENY the port in a later rule.
    >
    >> what else do I need to do to make that work?

    >
    > http://www.netfilter.org/documentation/HOWTO/
    >
    > [TXT] netfilter-extensions-HOWTO.txt 24-Dec-2006 16:06 79K
    > [TXT] networking-concepts-HOWTO.txt 24-Dec-2006 16:06 28K
    > [TXT] packet-filtering-HOWTO.txt 24-Dec-2006 16:06 52K
    >
    > That's actually where 'http://www.iptables.org/documentation/HOWTO/'
    > redirects to now. The documents are a bit older than that. You can also
    > look at the various HOWTOs that should be part of your system - the
    > "Security-Quickstart-HOWTO" gives a very good set of explanations.
    >
    > Old guy
    >


    Thanks for the tips!

