
ip_tables newbie needs help [was "test - please ignore"]



Hugh Saunders wrote:
[OFF-LIST]

On Wed, Apr 02, 2003 at 01:47:20PM -0100, ernst wrote:

test - please ignore

<flame>
it is *never* necessary to post a test message.
</flame>

why not just post something relevant (as that is why you joined the list
(hopefully)) then see if you get it back?

Sometimes takes 30mins or so for message to come back from the
list servers.

hugh

Sorry about this, never do it again.

So to my question,
I have a Debian box configured as a firewall with IP tables. Basically accepting all traffic out and only ssh in. But this rule says "Allow everyone access". Here is from the firewall script:
<snip>
/sbin/iptables -A INPUT -p tcp --dport ssh -j ACCEPT
/sbin/iptables -A INPUT -p udp --dport ssh -j ACCEPT
</snip>

Is there an easy way to change the rule so I can limit to e.g.:
one host?
one net/subnet
or users?

Another problem is when I run "iptables -L" after stop and start, I'll get the same result. Is there a way to "flush", or clean up the rules?

Please help.
thanks

--
/ernst
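
Added example, not part of the original thread: one way to rebuild the INPUT chain so that a restart flushes the old rules first and ssh is accepted only from listed hosts or subnets via `-s`. The addresses are constructed samples from documentation ranges, and `IPT`, `valid_source` and `build_rules` are names made up for this example; by default it only prints the commands.

```shell
#!/bin/sh
# Added example (not from the thread). Dry run by default: prints the commands.
# Set IPT=/sbin/iptables to apply them for real (needs root).
IPT="${IPT:-echo iptables}"

# Accept a dotted-quad IPv4 address with an optional /0-32 prefix length.
valid_source() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    # Each of the four octets must be at most 255.
    for octet in $(echo "${1%/*}" | tr . ' '); do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Emit the INPUT rule set. Arguments: sources allowed to reach ssh.
build_rules() {
    # Validate everything first so a typo cannot leave a half-built chain.
    for src in "$@"; do
        valid_source "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    $IPT -F INPUT            # flush, so stop/start does not stack duplicate rules
    $IPT -P INPUT DROP       # default policy: drop what no rule below accepts
    $IPT -A INPUT -i lo -j ACCEPT
    # Let replies to outbound connections back in.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # ssh runs over TCP only, so no udp rule is needed. -s takes a host or net/prefix.
    for src in "$@"; do
        $IPT -A INPUT -p tcp -s "$src" --dport ssh -j ACCEPT
    done
}

# iptables matches packets, not remote login names: restricting by user is done
# in sshd_config (AllowUsers), not in the firewall script.

# Constructed sample values: one host and one subnet from documentation ranges.
build_rules 192.0.2.10 198.51.100.0/24
```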


