iptables
Semyon Semenych, 2015-11-06 15:25:35

How to allow all ports for a specific ip?

My current iptables:

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [64:11092]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m conntrack --ctstate NEW -m multiport --dports 20:22,25,80,443,110,143,465,587,53,5432 -j ACCEPT
-A INPUT -p udp -m conntrack --ctstate NEW -m multiport --dports 53 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -s IP/32 -j ACCEPT
-A FORWARD -s IP/32 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

2 answer(s)
Ruslan Fedoseev, 2015-11-06
@ExplosiveZ

And what does the line -A FORWARD -s IP/32 -j ACCEPT do?
You most likely mixed up -s and -d ;)

Vladimir, 2015-11-06
@rostel

add
before -A FORWARD -j REJECT ...
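
Added example, not part of the question or of either answer: iptables walks a chain top to bottom and stops at the first rule with a terminating target, so a rule appended after an unconditional REJECT is never reached. The Python script below reads iptables-save output and lists such rules; the function name `shadowed_rules` and the address 203.0.113.10 are assumptions for illustration, and it only considers rules written with `-j` in built-in or user chains as plain text.

```python
import shlex

TERMINATING = {"ACCEPT", "DROP", "REJECT"}

# Constructed sample: a shortened copy of the question's ruleset, with the
# placeholder "IP" replaced by a documentation address (203.0.113.10).
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -s 203.0.113.10/32 -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A FORWARD -s 203.0.113.10/32 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""


def shadowed_rules(ruleset):
    """Return (chain, shadowed_rule, blocking_rule) for every rule that
    follows an unconditional ACCEPT/DROP/REJECT in the same chain."""
    blocker = {}   # chain -> first unconditional terminating rule seen
    findings = []
    for line in ruleset.splitlines():
        tokens = shlex.split(line)
        if len(tokens) < 2 or tokens[0] != "-A":
            continue   # table header, chain policy, COMMIT, blank line
        chain, spec = tokens[1], tokens[2:]
        if chain in blocker:
            findings.append((chain, line, blocker[chain]))
            continue
        if "-j" not in spec:
            continue
        j = spec.index("-j")
        # No match options before -j means the rule matches every packet.
        if j == 0 and spec[1:2] and spec[1] in TERMINATING:
            blocker[chain] = line
    return findings


if __name__ == "__main__":
    for chain, rule, blocking in shadowed_rules(SAMPLE):
        print(f"{chain}: '{rule}' is never reached (after '{blocking}')")
```

On the sample it flags the two INPUT rules that follow the blanket REJECT; the FORWARD chain is clean because its per-address ACCEPT comes first.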
