iptables666

Reputation: 1

iptables ACL question

How do I drop all traffic to SMTP, except traffic originating from my IP? This example I found drops traffic for a particular IP; I need to deny by default, but allow 1 IP in. Thanks

# iptables -A INPUT -s 65.55.44.100 -p tcp --destination-port 25 -j DROP

Upvotes: 0

Views: 2878

Answers (3)

ciupinet

Reputation: 21

iptables -A INPUT ! -s 65.55.44.100 -p tcp --destination-port 25 -j DROP

Upvotes: 2

qid

Reputation: 1913

If you actually want to deny all traffic by default, and only open up holes for specific protocols/addresses/etc., what you want to do is continue to use the rule you have now, and also modify the default policy like so:

# iptables -P INPUT DROP

Otherwise, siposa's answer will drop all SMTP traffic except for the specified IP address, while not affecting other protocols.

Upvotes: 1

siposa

Reputation: 111

# iptables -A INPUT -s 65.55.44.100 -p tcp --destination-port 25 -j ACCEPT
# iptables -A INPUT -p tcp --destination-port 25 -j DROP

Upvotes: 1
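
An added example, not from any of the posts above: a simplified first-match model of the INPUT chain (TCP source and destination port only; no interfaces or connection state) that runs the rule sets from this thread against three constructed packets. The `drop_then_accept` and `policy_drop` variants and the 203.0.113.7 address are assumptions added for comparison.

```python
from ipaddress import ip_address, ip_network

ALLOWED = "65.55.44.100"   # address used in the thread
OTHER = "203.0.113.7"      # constructed: documentation-range address

def rule(target, src=None, negate=False, dport=None):
    """One simplified rule: optional (negated) source, optional TCP dport."""
    return {"target": target, "src": ip_network(src) if src else None,
            "negate": negate, "dport": dport}

def verdict(rules, policy, src, dport):
    """Walk the chain top to bottom; the first matching rule decides."""
    for r in rules:
        if r["dport"] is not None and r["dport"] != dport:
            continue
        if r["src"] is not None:
            in_net = ip_address(src) in r["src"]
            if in_net == r["negate"]:    # source test (after negation) failed
                continue
        return r["target"]
    return policy                         # nothing matched: chain policy applies

# name -> (rules in order, chain policy)
RULESETS = {
    # rule from the question: blocks only the one address
    "question": ([rule("DROP", src=ALLOWED, dport=25)], "ACCEPT"),
    # negated source: drop SMTP from everyone except the address
    "negated": ([rule("DROP", src=ALLOWED, negate=True, dport=25)], "ACCEPT"),
    # explicit ACCEPT first, then a catch-all DROP for port 25
    "accept_then_drop": ([rule("ACCEPT", src=ALLOWED, dport=25),
                          rule("DROP", dport=25)], "ACCEPT"),
    # assumption: same two rules in the wrong order, the DROP shadows the ACCEPT
    "drop_then_accept": ([rule("DROP", dport=25),
                          rule("ACCEPT", src=ALLOWED, dport=25)], "ACCEPT"),
    # assumption: policy DROP with one ACCEPT hole; other ports are dropped too
    "policy_drop": ([rule("ACCEPT", src=ALLOWED, dport=25)], "DROP"),
}
PACKETS = [(ALLOWED, 25), (OTHER, 25), (OTHER, 22)]

def compare():
    """Verdict per rule set for each packet in PACKETS, in order."""
    return {name: [verdict(rules, policy, s, p) for s, p in PACKETS]
            for name, (rules, policy) in RULESETS.items()}

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(f"{name:17} {verdicts}")
```

The columns are, in order: SMTP from the allowed address, SMTP from another host, and SSH (port 22) from another host.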
