This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
To: psyche-list@listman.redhat.com
From: "Leonard Miller" <Leonard_Miller@udlp.com>
Subject: IPTABLES question
Date: Mon, 24 Feb 2003 11:49:08 -0600

Hi,

This was just dumped on my shoulders, so I'm coming here for help. I have not used iptables yet, although it is on my To-Do list. I have a test box and one of my cohorts wanted to test I-chain and asked me to allow incoming port 80 only from one address. I looked briefly at the docs and there was just WAAAAAAAAAAAY too much to go into right now, sooooooo my question is:

How do I allow incoming http port 80 from only one machine and deny all others? Is it easy to turn off when testing is finished?

===

To: psyche-list@listman.redhat.com
From: Jesse Keating <hosting@j2solutions.net>
Subject: Re: IPTABLES question
Date: Mon, 24 Feb 2003 09:57:17 -0800

On Monday 24 February 2003 09:49, Leonard Miller wrote:
> How do I allow incoming http port 80 from only one machine and
> deny all others? Is it easy to turn off when testing is finished?

    iptables -A INPUT -p tcp --dport 80 -s XXX.XXX.XXX.XXX -j ACCEPT

Where XXX.XXX.XXX.XXX is the IP of the machine you want to allow in to port 80.

When you're done, just service iptables restart.

===

To: psyche-list@listman.redhat.com
From: Hans Scheffers <hans@jiffie.nl>
Subject: Re[2]: IPTABLES question
Date: Mon, 24 Feb 2003 21:43:52 +0100

Hello Jesse,

What about outgoing?

    iptables -A OUTPUT -p tcp --sport 80 -d XXX.XXX.XXX.XXX -j ACCEPT

maybe even including state=ESTABLISHED?

===

To: psyche-list@listman.redhat.com
From: Jesse Keating <hosting@j2solutions.net>
Subject: Re: Re[2]: IPTABLES question
Date: Mon, 24 Feb 2003 12:45:46 -0800

On Monday 24 February 2003 12:43, Hans Scheffers wrote:
> Hello Jesse,
> What about outgoing?
>
> iptables -A OUTPUT -p tcp --sport 80 -d XXX.XXX.XXX.XXX -j ACCEPT
> maybe even including state=ESTABLISHED?

I suppose you should add that. Not all firewalls block outgoing traffic, just incoming.

===
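
The rule set discussed in this thread, as an added example that is not part of any message above: a shell script that prints (but does not run) the iptables commands to accept port 80 from one address, drop it from every other source, and pass established reply traffic, plus the matching -D commands to turn it off again. The function names and the 192.0.2.10 address are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: prints iptables commands for review; it does not run them.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255, so
# nothing but an address can end up inside the printed commands.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# http_rules ACTION ADDR: ACTION is -A to add the rules, -D to remove them.
http_rules() {
    action=$1 addr=$2
    case "$action" in
        -A|-D) ;;
        *) echo "action must be -A or -D" >&2; return 2 ;;
    esac
    valid_ipv4 "$addr" || { echo "bad IPv4 address: $addr" >&2; return 2; }
    # Accept HTTP from the one allowed client. Rules are matched in order,
    # so with -A this must be added before the DROP below.
    echo "iptables $action INPUT -p tcp -s $addr --dport 80 -j ACCEPT"
    # Drop HTTP from every other source.
    echo "iptables $action INPUT -p tcp --dport 80 -j DROP"
    # Reply traffic, only needed when the OUTPUT chain filters as well.
    echo "iptables $action OUTPUT -p tcp -d $addr --sport 80 -m state --state ESTABLISHED -j ACCEPT"
}

# Constructed sample run: 192.0.2.10 is a documentation address standing in
# for the XXX.XXX.XXX.XXX placeholder in the thread.
http_rules -A 192.0.2.10
http_rules -D 192.0.2.10
```

Because -A appends, any rule already earlier in the INPUT chain that matches port 80 still takes precedence; `iptables -L INPUT -n --line-numbers` shows the current order.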