iptables - how to block a port to one IP?

Discussion in 'General Discussion' started by minotauro, Oct 7, 2004.

  1. minotauro

    Hello,

    How to block a port to one IP using iptables rules?

    Thanks,
    Minotauro.
     
  2. anup123

    iptables -A INPUT -s xxx.xxx.xxx.xxx -p protocol --destination-port portname -j DROP

    xxx.xxx.xxx.xxx : is the IP address
    protocol : protocol (TCP/UDP/ICMP)
    portname : telnet for example

    Read Docs before playing with iptables, however.
    The above should do the trick.

    Anup
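
The rule from the reply above, as an added example that is not part of the original thread: a shell helper (hypothetical names `valid_ipv4` and `build_block_rule`) that validates the address, protocol and port and prints an idempotent command instead of running it. It goes a step beyond the post by using `-I` rather than `-A`, so the DROP lands ahead of any earlier ACCEPT in INPUT, and by testing with `-C` first; it assumes a numeric port, tcp or udp only, and the constructed address 203.0.113.7.

```shell
#!/bin/sh
# Added example; valid_ipv4 and build_block_rule are hypothetical helper names.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into positional parameters
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the command that drops traffic from IP $1 to port $3 over protocol $2.
# Prints an error to stderr and returns 1 on invalid input.
build_block_rule() {
    ip=$1 proto=$2 port=$3
    valid_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 1; }
    # ICMP has no ports, so --dport does not apply; accept tcp and udp only.
    case "$proto" in
        tcp|udp) ;;
        *) echo "protocol must be tcp or udp: $proto" >&2; return 1 ;;
    esac
    case "$port" in
        ''|*[!0-9]*) echo "port must be numeric: $port" >&2; return 1 ;;
    esac
    [ "${#port}" -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
        { echo "port out of range: $port" >&2; return 1; }
    rule="INPUT -s $ip -p $proto --dport $port -j DROP"
    # -C checks whether the rule exists already (no duplicates on re-run);
    # -I inserts at the top of INPUT so no earlier ACCEPT rule matches first.
    echo "iptables -C $rule 2>/dev/null || iptables -I $rule"
}

# Constructed sample input (documentation address, telnet port); prints only.
build_block_rule 203.0.113.7 tcp 23
```

Review the printed line, then run it as root; `iptables -L INPUT -n --line-numbers` shows where the rule landed in the chain.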
     
  3. sfi-dd

    Here is another solution for you.

    The apf firewall script from http://www.rfxnetworks.com/apf.php can handle multiple IP addresses (multiple eth cards or virtual eth cards). The other reason I suggest this script is for newbies: it has a cron reset function. So if you make a mistake, it will reset itself to no rules after five mins (default setting). This is real handy if the server is in a remote datacenter. Once you have everything set up, you just edit its main config file to disable the auto reset.

    I would still suggest learning how to manually configure your iptables, instead of using a script, but this is a nice little script that will protect your box while you learn.
     
  4. anup123

    apf+bfd-portsentry = ideal combination to start with :)

    Anup
     
  5. SarcNBit

    Please explain how you consider that a 'solution' to the question of blocking one port to one IP?
     