
iptables - how to block a port to one IP?

Discussion in 'General Discussion' started by minotauro, Oct 7, 2004.

  1. minotauro

    minotauro Well-Known Member

    Hello,

    How to block a port to one IP using iptables rules?

    Thanks,
    Minotauro.
     
  2. anup123

    anup123 Well-Known Member

    iptables -A INPUT -s xxx.xxx.xxx.xxx -p protocol --destination-port portname -j DROP

    xxx.xxx.xxx.xxx : is the IP address
    protocol : protocol (TCP/UDP/ICMP)
    portname : telnet for example

    Read Docs before playing with iptables, however.
    The above should do the trick.

    Anup
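
An added example, not part of the thread or of anup123's post: a small helper that validates its arguments and prints the matching insert, check and delete commands for review before anything is applied. It inserts at position 1 instead of appending, because a rule appended with `-A` is never reached by packets that an earlier ACCEPT rule already matched. The function names, the numeric-port restriction and the sample address 192.0.2.10 are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Prints (does not run) the iptables
# commands for "block one port to one IP". Function names are this example's own.

valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$octet" -le 255 ] || return 1
    done
}

# block_port_rule ACTION SRC_IP PROTO PORT   (ACTION: insert | check | delete)
block_port_rule() {
    action=$1 ip=$2 port=$4
    proto=$(printf '%s' "$3" | tr 'A-Z' 'a-z')
    case $action in
        insert) flag="-I INPUT 1" ;;   # rule 1, so no earlier ACCEPT rule wins
        check)  flag="-C INPUT" ;;     # exit status tells whether the rule exists
        delete) flag="-D INPUT" ;;
        *) echo "unknown action: $action" >&2; return 2 ;;
    esac
    valid_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 2; }
    # This helper accepts only tcp and udp, the usual protocols with ports.
    case $proto in
        tcp|udp) ;;
        *) echo "protocol must be tcp or udp: $proto" >&2; return 2 ;;
    esac
    case $port in ''|*[!0-9]*|0*|??????*) echo "bad port: $port" >&2; return 2 ;; esac
    [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 2; }
    echo "iptables $flag -s $ip -p $proto --destination-port $port -j DROP"
}

# Constructed sample: documentation address 192.0.2.10, telnet (tcp/23).
for action in insert check delete; do
    block_port_rule "$action" 192.0.2.10 tcp 23
done
```
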
     
  3. sfi-dd

    sfi-dd Member

    Here is another solution for you.

    The apf firewall script from http://www.rfxnetworks.com/apf.php can handle multiple IP addresses (multiple eth cards or virtual eth cards). The other reason I suggest this script is for newbies, it has a cron reset function. So if you make a mistake, it will reset itself to no rules after five mins (default setting). This is real handy if the server is in a remote datacenter. Once you have everything set up, you just edit its main config file to disable the auto reset.

    I would still suggest learning how to manually configure your iptables, instead of using a script, but this is a nice little script that will protect your box while you learn.
     
  4. anup123

    anup123 Well-Known Member

    apf+bfd-portsentry = ideal combination to start with :)

    Anup
     
  5. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    168
    Please explain how you consider that a 'solution' to the question of blocking one port to one IP?
     