Smoke User, 2020-12-14 16:29:59
linux

How to whitelist IP addresses in iptables on Ubuntu for access to only one port?

Good day.
Please tell me, or point me to, how to set up in iptables a whitelist of IP addresses that have access only to port 80, with everyone not on the list simply dropped.
Here on Habr I found the following answer:

iptables -I INPUT -p tcp -m tcp --dport 80 -j DROP
iptables -I INPUT -s 1.1.1.1/32 -p tcp -m tcp --dport 80 -j ACCEPT

But I have hundreds of IP address ranges, and I think the ruleset will be cumbersome if I specify every one of them.
On FreeBSD I used to write them in a notepad file and point the PF firewall to it; if there is such a thing in iptables, that would be great.


1 answer(s)
Alexey Dmitriev, 2020-12-14
@Astarot

ipset create whitelistport80 nethash
ipset add whitelistport80 1.0.1.0/24 # repeat many times
iptables -A INPUT -p tcp --dport 80 -m set ! --match-set whitelistport80 src -j DROP

The ipset is filled independently of the rule (keep in mind that it is reset when the machine is rebooted; you can use ipset-save and ipset-restore if there are standard scripts).
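An added example, not part of the answer above: one way to keep the hundreds of ranges in a text file, as the question asks, and load them into the `whitelistport80` set in one pass. The function names, the scratch set `whitelistport80-new` and the sample addresses are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: turn a text file of IPv4 addresses/CIDR ranges into
# `ipset restore` input. Set name is from the answer; the rest is assumed.
SET=whitelistport80

# Return 0 if $1 is a dotted-quad IPv4 address with an optional /1../32 prefix.
valid_cidr() {
    addr=${1%%/*}; bits=32
    case $1 in */*) bits=${1#*/} ;; esac
    case $bits in ''|*[!0-9]*) return 1 ;; esac
    # hash:net sets cannot store a zero-length prefix
    [ "$bits" -ge 1 ] && [ "$bits" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    oldifs=$IFS; IFS=.; set -- $addr; IFS=$oldifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read the list on stdin; write restore commands that fill a scratch set and
# swap it into place, so the set used by the DROP rule is never half-loaded.
gen_restore() {
    echo "create $SET hash:net family inet"
    echo "create $SET-new hash:net family inet"
    echo "flush $SET-new"
    while IFS= read -r line || [ -n "$line" ]; do
        # drop trailing '#' comments and whitespace
        entry=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        if [ -z "$entry" ]; then continue; fi
        if valid_cidr "$entry"; then
            echo "add $SET-new $entry"
        else
            echo "skipped invalid entry: $entry" >&2
        fi
    done
    echo "swap $SET-new $SET"
    echo "destroy $SET-new"
}

# Constructed sample list. Real use, as root (the path is a placeholder):
#   gen_restore < /path/to/whitelist.txt | ipset -exist restore
gen_restore <<'EOF'
# office ranges
1.0.1.0/24
198.51.100.7     # single host
300.1.1.1/24
EOF
```

Because the iptables rule matches the set by name, re-running the load after editing the file updates the whitelist without touching the rule.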
