[LUGOS] iptables
Aleš Sušnik
alesh at domenca.com
Mon Oct 20 10:44:36 CEST 2003
Najprej dovoli dostop samo IPju 10.5.5.2 do subneta 192.168.1.0/0, potem pa
z rulom zablokiraj dostop celotnemu subnetu 10.5.5.0/24.
Jaz npr. blokiram določenim mašinam dostop do neta na takle način:
/usr/sbin/iptables -t nat -A POSTROUTING -o $EXTIF -s 192.168.1.50 -j DROP
/usr/sbin/iptables -t nat -A OUTPUT -o $EXTIF -s 192.168.1.50 -j DROP
Aleš
-----Original Message-----
From: Administrator [mailto:sysadmin at ice.si]
Sent: Monday, October 20, 2003 10:15 AM
To: lugos-list at lugos.si
Subject: [LUGOS] iptables
Kako preprečim subnetu 10.5.5.0/24 dostop do 192.168.1.0/24, vendar pa
pustim dvema mašinama do ftp na 10.5.5.2. Te dve mašini sta 192.168.1.31 in
192.168.1.37.
Hvala!
More information about the lugos-list
mailing list