Vladislav Kolotsei, 2015-07-16 10:24:19
linux

Address blocking not working in iptables?

In iptables I write the following line for my web server:
[Screenshot of the iptables rule; image not preserved]
In theory, there should be access only from the local network and from the IP address painted in red. But everyone can reach my web server. What do I need to do to have access only from the local network and from a specific IP address?
PS I tried to insert -I instead of -A. No result. Maybe I'm not saving something?


2 answer(s)
mureevms, 2015-07-16
@vlady_32

Show the rules of the policy.
Most likely you have them,
but you need
UPD: Well, don't forget to make an exception for SSH on incoming connections)

Azazel PW, 2015-07-16
@azazelpw

Show the full table
iptables -S
Ideally it should look like this; I will give an example based on the SSH port:
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp -s %source_ip% --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
Then you will reject all other IPs.
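
An added example, not part of the original answers: a simplified first-match model of the INPUT chain, showing why ACCEPT rules alone block nobody while the default policy is ACCEPT, and how the final REJECT from the answer above closes the port. Port 80, the address 203.0.113.10, the interface eth0 and both rulesets are constructed assumptions; only the options used in this thread are modelled.

```python
import ipaddress
import shlex

def parse(ruleset):
    """Return (policy, rules) for the INPUT chain from `iptables -S`-style text."""
    policy, rules = "ACCEPT", []
    for line in ruleset.strip().splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "INPUT"]:
            policy = tok[2]
        elif tok[:2] == ["-A", "INPUT"]:
            # Map each option to the token that follows it (-s, --dport, -j, ...).
            rules.append({tok[i]: tok[i + 1] for i in range(2, len(tok) - 1)
                          if tok[i].startswith("-")})
    return policy, rules

def verdict(ruleset, src, dport):
    """Verdict for a NEW TCP packet from src to dport arriving on eth0 (assumed)."""
    policy, rules = parse(ruleset)
    for r in rules:  # rules are tried top to bottom; the first match decides
        if r.get("-i", "eth0") != "eth0" or r.get("-p", "tcp") != "tcp":
            continue
        if "--state" in r and "NEW" not in r["--state"].split(","):
            continue
        if "--dport" in r and int(r["--dport"]) != dport:
            continue
        if "-s" in r and ipaddress.ip_address(src) not in ipaddress.ip_network(r["-s"], strict=False):
            continue
        return r["-j"]
    return policy  # nothing matched: the chain policy applies

# Constructed: ACCEPT rules only, default policy left at ACCEPT.
OPEN = """
-P INPUT ACCEPT
-A INPUT -p tcp -m tcp -s 192.168.0.0/24 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp -s 203.0.113.10 --dport 80 -j ACCEPT
"""
# Constructed: the layout from the answer above, with port 80 rules added.
CLOSED = """
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp -s 203.0.113.10 --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""
```

Calling `verdict(OPEN, "198.51.100.7", 80)` falls through to the ACCEPT policy, while the same packet against `CLOSED` hits the final REJECT.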
