"iptables -L --line-numbers" will show you the line numbers of the
rules.
"iptables -A INPUT -p tcp -s ! ONLY_IP_YOU_WANT --dport 22 -j DROP" will
block every connection to port 22 except ONLY_IP_YOU_WANT.
-----Original Message-----
From: Meatplow [mailto:greg@meatplow.com]
Sent: Friday, September 24, 2004 4:57 PM
To: focus-linux@securityfocus.com
Subject: iptables & tcp wrappers
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello.
I'm running RH Enterprise edition.
I'm relatively new to iptables. I am getting the common intrusion
attempts with some of the common uses of test/guest/root/ and a
couple others I've been able to add the IPs to the to iptables.,
but
I'd really like a log that tells me the info that I want to know.
My basic input command is this :
#iptables -A INPUT -p tcp -s PUT_IP_HERE -d 0/0 --syn -j DROP
iptables seem a little convoluted. Example. To delete a line -
supposedly give it a line and it will be deleted/modified. My
problem is even with #iptable -L -v there is no line number ?
My goal is to block all incoming ssh attempts except IP#.
This is where I got into hosts.allow/deny as mentioned below.
I've tried to find many different types of commands and it works to
some degree, but not the way I'd expect it to.
Any help would be appreciated. I'm not completely sure that I
understand iptables as well as I want/need to. I've also toyed
around with the hosts.allow/hosts.deny and have not been successful.
I know that there is a lot of info in here, and I'm tired. I'll
leave it at that
Thanks in advance for your time and help.
Meatplow
greg ta meatplow.com
Thanks again.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBQVSBsR42gIcyjrnjEQJIqwCfWAShp7r+J1XNNjQq6sbvvD03WZ8AoNrg
ctQ837g5pQDafgBhTTeeMr1V
=niWK
-----END PGP SIGNATURE-----
--
Fedora-config-list mailing list
Fedora-config-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-config-list
