[SLE] A question for the iptables gurus. :)
From: Ben Rosenberg (red.kryptonite_at_gmail.com)
Date: 11/04/05
- Previous message: BandiPat: "Re: [SLE] SUSE 10.0 - XMMS, Kaffeine, xine"
- Next in thread: Ian Marlier: "Re: [SLE] A question for the iptables gurus. :)"
- Reply: Ian Marlier: "Re: [SLE] A question for the iptables gurus. :)"
Date: Thu, 3 Nov 2005 20:44:02 -0800
To: sle <suse-linux-e@suse.com>
I'm trying to write some iptables rules so that I can let someone
telnet to machines on a 10.0.0.0 network but not allow them to telnet
anywhere else.. effectively blocking outbound telnet to ANYTHING
except the machines on the 10.0.0.0 network. I thought I had it but I
guess I don't. The rules are as follows...
# allow outgoing telnet traffic
/usr/sbin/iptables -A FORWARD -p TCP -i eth2 -d 10.0.0.0/8 --dport 23 -j ACCEPT
# block all other outgoing telnet traffic
/usr/sbin/iptables -A FORWARD -p TCP -i eth2 -d 0/0 --dport 23 -j DROP
This machine is a Compaq DL760 with 2 dual port 10/100 cards in it and
eth2 is the first port on card 2.
Any help would be appreciated.
Thanks!
-Ben
--
Atheism is a non-prophet organization.
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com
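An added example, not part of the original post: a small Python model of first-match evaluation in the FORWARD chain, run over the two rules quoted in the message. The extra `EARLIER` rule, the sample addresses and the ACCEPT chain policy are constructed assumptions, since the post does not show the rest of the ruleset.

```python
import ipaddress
import shlex

# The two rules from the post, verbatim.
POSTED = [
    "/usr/sbin/iptables -A FORWARD -p TCP -i eth2 -d 10.0.0.0/8 --dport 23 -j ACCEPT",
    "/usr/sbin/iptables -A FORWARD -p TCP -i eth2 -d 0/0 --dport 23 -j DROP",
]
# Constructed, NOT from the post: a broad accept already sitting earlier in the chain.
EARLIER = "/usr/sbin/iptables -A FORWARD -i eth2 -j ACCEPT"

def parse(line):
    """Parse the small subset of iptables options used above into a dict."""
    tok = shlex.split(line)[1:]               # drop the binary path
    opts = dict(zip(tok[0::2], tok[1::2]))    # every option here takes one value
    dst = opts.get("-d", "0/0")
    return {
        "proto": opts.get("-p", "all").lower(),
        "in": opts.get("-i"),
        "dst": ipaddress.ip_network("0.0.0.0/0" if dst == "0/0" else dst),
        "dport": int(opts["--dport"]) if "--dport" in opts else None,
        "target": opts["-j"],
    }

def matches(rule, pkt):
    """True when every criterion present in the rule matches the packet."""
    return (rule["proto"] in ("all", pkt["proto"])
            and rule["in"] in (None, pkt["in"])
            and ipaddress.ip_address(pkt["dst"]) in rule["dst"]
            and rule["dport"] in (None, pkt["dport"]))

def verdict(lines, pkt, policy="ACCEPT"):
    """Return (target, 1-based rule number) of the first match, else the chain policy."""
    for n, rule in enumerate(map(parse, lines), 1):
        if matches(rule, pkt):
            return rule["target"], n
    return policy, None  # policy value is an assumption; the post does not state it

def telnet(dst, iface="eth2"):
    """Constructed sample packet: a forwarded TCP connection to port 23."""
    return {"proto": "tcp", "in": iface, "dst": dst, "dport": 23}

if __name__ == "__main__":
    for chain in (POSTED, [EARLIER] + POSTED):
        for dst in ("10.1.2.3", "192.0.2.10"):
            print(len(chain), "rules ->", dst, verdict(chain, telnet(dst)))
```

On a live system, `iptables -L FORWARD -n -v --line-numbers` lists the actual rule order together with per-rule packet counters, which shows which rule forwarded telnet traffic is really hitting.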