How can one of the two IPs on Ubuntu be prohibited from connecting from the network?
Good afternoon.
There is an Ubuntu 18 server with two IP addresses configured through netplan: the main one and an alias (one interface, ens3).
Now you can connect from the outside to the server from both IP addresses.
How can I disable connections to the server from the main IP?
The whole point is that I connect to the VPN from an additional IP, and if necessary, I connect via ssh on the same IP. But I go to the network through VPN already from the main address and it is necessary that connections from the outside are completely blocked on it.
Thank you.
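# -P sets a chain-wide policy and accepts no -i/-o match,
# so the per-interface parts are written as ordinary rules.
iptables -A INPUT -i iface1 -j DROP
iptables -P FORWARD DROP
iptables -A OUTPUT -o iface1 -j ACCEPT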
Learn iptables
The command to block all new connections coming to an ip address is as follows:
iptables -I INPUT -d <ip to block> -m state --state NEW -j DROP
The -I switch is for the rule to be at the top of the list and have priority.
The -m state --state NEW option is there so that incoming return traffic for connections initiated by the host itself is not blocked; only new connections to the IP address from elsewhere are blocked.
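An added example, not part of either answer above: a small generator that validates its input and emits the "drop only NEW inbound to one address" rule in iptables-restore format, limited to the external interface so the host's own loopback traffic to that address is not matched. It uses the conntrack match in place of the older state match; the function names are hypothetical, ens3 comes from the question, and 198.51.100.10 is a constructed documentation address.

```shell
#!/bin/sh
# Emit iptables-restore input that blocks NEW inbound connections to one
# local IPv4 address on one interface, while replies to connections the
# host opened itself (ESTABLISHED,RELATED) keep flowing.

# Return 0 only for a dotted quad whose four octets are each 0-255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_rules IFACE MAIN_IP -> ruleset on stdout, non-zero on bad input.
build_rules() {
    iface=$1 ip=$2
    case $iface in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    valid_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 1; }
    printf '%s\n' \
        '*filter' \
        "-I INPUT 1 -i $iface -d $ip -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \
        "-I INPUT 2 -i $iface -d $ip -m conntrack --ctstate NEW -j DROP" \
        'COMMIT'
}

# Constructed sample run: print the ruleset only, nothing is applied.
# To check it against the kernel without loading it (root required):
#   build_rules ens3 <main IP> | iptables-restore --noflush --test
build_rules ens3 198.51.100.10
```

Rules loaded this way do not survive a reboot unless they are saved and restored by whatever persistence mechanism the server uses.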