Re: Allow only certain ip addresses

On Thu, 2004-06-10 at 13:39, Jonathan Villa wrote:
> I have a machine running mysql only.
> 
> I want to allow connections on ports 3306, 22, and 80 for a group of ip
> addresses.
> 
> Some will be from the block, others are dispersed.
> 
> While I know how to allow a block of ips, and how to allow a single ip, how
> would I combine the 2?
> 
> My assumption is this
> 
> 1. create an array of the single ip addresses.
> 2. loop through the array printing an iptables command which will allow
> access on those ports to the loop index.
> 3. hardcode the ip block xx.xxx.xx.0/24
> 
> Am I correct so far?
You may find the iprange patch from patch-o-matic helpful if you have
contiguous addresses that do not break evenly into a subnet.  If you do
not want to patch, SubnetCreator (http://subnetcreator.sourceforge.net)
will turn the contiguous range into a group of subnets.
-- 
John A. Sullivan III
Chief Technology Officer
Nexus Management
+1 207-985-7880
john.sullivan@xxxxxxxxxxxxx
---
If you are interested in helping to develop a GPL enterprise class
VPN/Firewall/Security device management console, please visit
http://iscs.sourceforge.net 
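
An added example, not from the original thread: Python that generates the iptables commands for the approach discussed above, combining single addresses, a CIDR block and a contiguous range split into subnets. The addresses are constructed documentation-range values; the function names, the use of the INPUT chain and the closing DROP rule are assumptions.

```python
import ipaddress

PORTS = (22, 80, 3306)  # ssh, http, mysql: the ports named in the question


def range_to_subnets(first, last):
    """Split a contiguous range into the smallest list of CIDR blocks covering it."""
    return list(ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)))


def build_rules(singles, blocks, ranges, ports=PORTS):
    """Return iptables commands that accept the given sources, then drop the rest."""
    nets = [ipaddress.ip_network(s) for s in singles]   # a bare IP becomes a /32
    nets += [ipaddress.ip_network(b) for b in blocks]   # ValueError if host bits are set
    for first, last in ranges:
        nets += range_to_subnets(first, last)
    # Merge duplicates, overlaps and adjacent blocks so no rule is redundant.
    nets = list(ipaddress.collapse_addresses(nets))
    dports = ",".join(str(p) for p in ports)
    rules = [
        f"iptables -A INPUT -p tcp -s {n} -m multiport --dports {dports} -j ACCEPT"
        for n in nets
    ]
    # Assumption: nothing later in the chain should reach these ports.
    rules.append(f"iptables -A INPUT -p tcp -m multiport --dports {dports} -j DROP")
    return rules


if __name__ == "__main__":
    # Constructed sample input (RFC 5737 documentation addresses).
    for rule in build_rules(
        singles=["203.0.113.7", "203.0.113.200"],
        blocks=["192.0.2.0/24"],
        ranges=[("198.51.100.10", "198.51.100.20")],
    ):
        print(rule)
```

Review the printed commands before applying them, and keep a console session open when changing rules that cover port 22.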


