Answer the question
In order to leave comments, you need to log in
K
K
Konstantin Khairov2016-12-12 02:55:34
Konstantin Khairov, 2016-12-12 02:55:34
How to whitelist IP on Centos?
Hello everyone, please do not judge strictly, but I need help. There is a VDS with SSH access. I'm new to Linux, everything I need has already been configured, it remains only to make an IP whitelist, but I just can't figure out how to do it. Purpose of the whitelist.
For example, my vds is located in Russia in Moscow, I have a list of ip ranges of all users in Moscow and I want to connect to the server, only users from Moscow who fall on the list of ranges can access sites. How can this be implemented in CentOS ? Thank you in advance .
2 answer(s)
@Kaylos
Here anynodes is just an arbitrary table name in
/etc/sysconfig/iptables:
We allow access via ssh only to addresses included in anynodes (the rest will be cut off by the default rule)
C
CityCat4, 2016-12-12 @Kaylos
man iptables
man ipset
For example:
Create a table
/etc/sysconfig/ipset:
create anynodes hash:net family inet hashsize 1024 maxelem 65536
add anynodes 192.168.1.0/24
add anynodes 192.168.10.0/24
add anynodes 192.168.15.0/24
add anynodes 192.168.16.0/24Here anynodes is just an arbitrary table name in
/etc/sysconfig/iptables:
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp --dport 22 -m set --match-set anynodes src -j ACCEPT
-A OUTPUT -p tcp --sport 22 -m set --match-set anynodes dst -j ACCEPTWe allow access via ssh only to addresses included in anynodes (the rest will be cut off by the default rule)
Similar questions
R
P
B
D
V
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question