[ale] Another Ipchains question
James P. Kinney III
jkinney at localnetsolutions.com
Thu Jan 24 09:43:18 EST 2002
/sbin/ipchains -A input -i eth0 -p tcp -s 0/0 23 -d 0/0 -j DENY
This will deny all telnet from anywhere to your machine.
If you want to allow a single machine telnet access, before the above
rule add:
/sbin/ipchains -A input -i eth0 -p tcp -s 192.168.0.2/255.255.255.255 23
-d 192.168.2.231/255.255.255.255 -j ACCEPT
IP/NETMASK can also be written IP/24 (IP/255.255.255.0) IP/32
(IP/255.255.255.255)
On Thu, 2002-01-24 at 09:06, Chris Fowler wrote:
>
> I thing I have it. Here is my command line to disable iincoming telnet requests to the server that this command is ran on
>
> /sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 23 -d 192.168.2.231/0 23 -j DENY
>
>
> But here is ipchains -L
> Chain input (policy ACCEPT):
> target prot opt source destination ports
> DENY tcp ------ anywhere anywhere telnet -> telnet
> Chain forward (policy ACCEPT):
> Chain output (policy ACCEPT):
> Chain masq (0 references):
>
>
> the /0 on destination is screwed. What should /X be? 255?
>
> I'm trying to stick with that command line format. This will be total automated.
>
> Thanks,
> Chris
>
>
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.
>
--
James P. Kinney III \Changing the mobile computing world/
President and COO \ one Linux user /
Local Net Solutions,LLC \ at a time. /
770-493-8244 \.___________________________./
GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
This is a digitally signed message part
More information about the Ale
mailing list