[ale] Another Ipchains question

James P. Kinney III jkinney at localnetsolutions.com
Thu Jan 24 09:43:18 EST 2002


/sbin/ipchains -A input -i eth0 -p tcp -s 0/0 23 -d 0/0 -j DENY

This will deny all telnet from anywhere to your machine.

If you want to allow a single machine telnet access, before the above
rule add:

/sbin/ipchains -A input -i eth0 -p tcp -s 192.168.0.2/255.255.255.255 23
-d 192.168.2.231/255.255.255.255 -j ACCEPT

IP/NETMASK can also be written IP/24 (IP/255.255.255.0) IP/32
(IP/255.255.255.255)

On Thu, 2002-01-24 at 09:06, Chris Fowler wrote:
> 
> I thing I have it.  Here is my command line to disable iincoming telnet requests to the server that this command is ran on
> 
> /sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 23 -d 192.168.2.231/0 23 -j DENY
> 
> 
> But here is ipchains -L
> Chain input (policy ACCEPT):
> target     prot opt     source                destination           ports
> DENY       tcp  ------  anywhere             anywhere              telnet ->   telnet
> Chain forward (policy ACCEPT):
> Chain output (policy ACCEPT):
> Chain masq (0 references):
> 
> 
> the /0 on destination is screwed.  What should /X be?  255?
> 
> I'm trying to stick with that command line format.  This will be total automated.
> 
> Thanks,
> Chris
> 
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> sent to listmaster at ale dot org.
> 
-- 
James P. Kinney III   \Changing the mobile computing world/
President and COO      \          one Linux user         /
Local Net Solutions,LLC \           at a time.          /
770-493-8244             \.___________________________./

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 



 This is a digitally signed message part




More information about the Ale mailing list