iptables

am 05.02.2007 23:03:09 von Rick Merrill

Anyone using iptables under Linux as a whitelist filter?

For example,

iptables -A INPUT -t filter -s ! 208.201.239.36 -p tcp --dport 23 -j DROP


what else do I need to do to make that work?

Re: iptables

am 06.02.2007 20:48:03 von ibuprofin

On Mon, 05 Feb 2007, in the Usenet newsgroup comp.security.firewalls, in article
, Rick Merrill wrote:

>Anyone using iptables under Linux as a whitelist filter?

Lots of people

>For example,
>
>iptables -A INPUT -t filter -s ! 208.201.239.36 -p tcp --dport 23 -j DROP

OK - what is the matter with changing that to be an ALLOW, and having the
default rules set to DENY as they should be? Alternately, ALLOW that
address and port, and _then_ DENY the port in a later rule.

>what else do I need to do to make that work?

http://www.netfilter.org/documentation/HOWTO/

[TXT] netfilter-extensions-HOWTO.txt 24-Dec-2006 16:06 79K
[TXT] networking-concepts-HOWTO.txt 24-Dec-2006 16:06 28K
[TXT] packet-filtering-HOWTO.txt 24-Dec-2006 16:06 52K

That's actually where 'http://www.iptables.org/documentation/HOWTO/'
redirects to now. The documents are a bit older than that. You can also
look at the various HOWTOs that should be part of your system - the
"Security-Quickstart-HOWTO" gives a very good set of explanations.

Old guy
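To make the difference between the three rule layouts discussed above concrete, here is an added simulation (not code from either poster) of the INPUT chain's first-match evaluation: the rule as posted with the default policy left at ACCEPT, the ACCEPT-plus-default-DROP whitelist, and the ACCEPT-then-DROP ordering. The packets and the second source address are constructed for the example; note also that newer iptables releases spell the negation `! -s` rather than `-s !`.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    target: str                    # "ACCEPT" or "DROP"
    src: Optional[str] = None      # -s <addr>
    negate_src: bool = False       # the "-s !" form from the original post
    proto: Optional[str] = None    # -p tcp
    dport: Optional[int] = None    # --dport N

    def matches(self, pkt):
        # A negated source matches every address except the listed one.
        if self.src is not None and ((pkt["src"] == self.src) == self.negate_src):
            return False
        if self.proto is not None and pkt["proto"] != self.proto:
            return False
        if self.dport is not None and pkt["dport"] != self.dport:
            return False
        return True

def verdict(rules, policy, pkt):
    """iptables semantics: the first matching rule decides, else the chain policy."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.target
    return policy

ALLOWED = "208.201.239.36"
# 1. As posted: iptables -A INPUT -s ! 208.201.239.36 -p tcp --dport 23 -j DROP
POSTED = ([Rule("DROP", src=ALLOWED, negate_src=True, proto="tcp", dport=23)], "ACCEPT")
# 2. iptables -P INPUT DROP; iptables -A INPUT -s 208.201.239.36 -p tcp --dport 23 -j ACCEPT
WHITELIST = ([Rule("ACCEPT", src=ALLOWED, proto="tcp", dport=23)], "DROP")
# 3. ACCEPT the address/port, then DROP the port in a later rule (policy still ACCEPT)
ALLOW_THEN_DENY = ([Rule("ACCEPT", src=ALLOWED, proto="tcp", dport=23),
                    Rule("DROP", proto="tcp", dport=23)], "ACCEPT")

SAMPLE = {  # constructed test packets; 203.0.113.9 is a documentation address
    "telnet_from_allowed": {"src": ALLOWED, "proto": "tcp", "dport": 23},
    "telnet_from_other":   {"src": "203.0.113.9", "proto": "tcp", "dport": 23},
    "http_from_other":     {"src": "203.0.113.9", "proto": "tcp", "dport": 80},
}

def evaluate(variant):
    """Return the verdict for every sample packet under one rule layout."""
    rules, policy = variant
    return {name: verdict(rules, policy, pkt) for name, pkt in SAMPLE.items()}
```

Only the default-DROP layout also refuses the unrelated port 80 packet; the other two protect port 23 alone and leave everything else open.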

Re: iptables

am 06.02.2007 23:37:36 von Rick Merrill

Moe Trin wrote:
> On Mon, 05 Feb 2007, in the Usenet newsgroup comp.security.firewalls, in article
> , Rick Merrill wrote:
>
>> Anyone using iptables under Linux as a whitelist filter?
>
> Lots of people
>
>> For example,
>>
>> iptables -A INPUT -t filter -s ! 208.201.239.36 -p tcp --dport 23 -j DROP
>
> OK - what is the matter with changing that to be an ALLOW, and having the
> default rules set to DENY as they should be? Alternately, ALLOW that
> address and port, and _then_ DENY the port in a later rule.
>
>> what else do I need to do to make that work?
>
> http://www.netfilter.org/documentation/HOWTO/
>
> [TXT] netfilter-extensions-HOWTO.txt 24-Dec-2006 16:06 79K
> [TXT] networking-concepts-HOWTO.txt 24-Dec-2006 16:06 28K
> [TXT] packet-filtering-HOWTO.txt 24-Dec-2006 16:06 52K
>
> That's actually where 'http://www.iptables.org/documentation/HOWTO/'
> redirects to now. The documents are a bit older than that. You can also
> look at the various HOWTOs that should be part of your system - the
> "Security-Quickstart-HOWTO" gives a very good set of explanations.
>
> Old guy
>

Thanks for the tips!