How to properly open port for IP in iptables?

E

extensionsapp2018-05-24 17:24:38

linux

extensionsapp, 2018-05-24 17:24:38

For the second day I have been racking my brains and hated iptables.
I open the port for IP and close it for everyone else.

-A INPUT -s 123.124.125.126/32 -p tcp -m tcp --dport 32808 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 32808 -j REJECT --reject-with icmp-port-unreachable

But with this setting, it does not let.

~# telnet 223.224.225.226 32808
Trying 223.224.225.226...
telnet: Unable to connect to remote host: Connection refused

I change to

-A INPUT -s 123.124.125.126/32 -p tcp -m tcp --dport 32808 -j ACCEPT

Lets, but lets from all IP addresses, and I need only from 123.124.125.126
Any options?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

S

solalex, 2018-05-24
@solalex

iptables -A INPUT -s 123.124.125.126/32 -m state --state NEW tcp --dport 32808 -j ACCEPT
iptables -A INPUT -m state --state NEW tcp --dport 32808 -j DROP
this is for one port 32808 and must go in order
if there are more rules, then first allowing, then blocking

R

Ruslan Fedoseev, 2018-05-25
@martin74ua

iptables -L INPUT show