Recipe 2.7 Blocking Access from a Remote Host
2.7.1 Problem
You want to block incoming traffic from a particular host.
2.7.2 Solution
To block all access by that host:
For iptables:
# iptables -A INPUT -s remote_IP_address -j REJECT
For ipchains:
# ipchains -A input -s remote_IP_address -j REJECT
To block requests for one particular service, say, the SMTP mail service:
For iptables:
# iptables -A INPUT -p tcp -s remote_IP_address --dport smtp -j REJECT
For ipchains:
# ipchains -A input -p tcp -s remote_IP_address --dport smtp -j REJECT
To admit some hosts but block all others:
For iptables:
# iptables -A INPUT -s IP_address_1 [-p protocol --dport service] -j ACCEPT
# iptables -A INPUT -s IP_address_2 [-p protocol --dport service] -j ACCEPT
# iptables -A INPUT -s IP_address_3 [-p protocol --dport service] -j ACCEPT
# iptables -A INPUT [-p protocol --dport service] -j REJECT
For ipchains:
# ipchains -A input -s IP_address_1 [-p protocol --dport service] -j ACCEPT
# ipchains -A input -s IP_address_2 [-p protocol --dport service] -j ACCEPT
# ipchains -A input -s IP_address_3 [-p protocol --dport service] -j ACCEPT
# ipchains -A input [-p protocol --dport service] -j REJECT
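The admit-some-block-others rules above depend on order: the ACCEPT rules must be appended before the catch-all REJECT. The following script is an added example, not part of the original recipe; it prints the iptables commands for a validated list of addresses so they can be reviewed before being run as root. The function names, the TCP-only assumption and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the book. Prints the rules for review; nothing is applied.

# is_ipv4 ADDRESS: succeed only for a dotted quad with every octet in 0-255.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    rest=$1. count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        rest=${rest#*.}
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
    done
    [ "$count" -eq 4 ]
}

# allowlist_rules SERVICE ADDRESS...: one ACCEPT per address, then the REJECT.
# Assumption: the service is TCP (the recipe leaves the protocol open).
allowlist_rules() {
    service=$1
    case $service in
        ''|*[!A-Za-z0-9_-]*) echo "bad service: $service" >&2; return 1 ;;
    esac
    shift
    [ $# -gt 0 ] || { echo "no addresses given" >&2; return 1; }
    # Validate every address before printing anything: a rule set that
    # skipped one host but still ended in REJECT would lock that host out.
    for addr in "$@"; do
        is_ipv4 "$addr" || { echo "bad address: $addr" >&2; return 1; }
    done
    for addr in "$@"; do
        echo "iptables -A INPUT -s $addr -p tcp --dport $service -j ACCEPT"
    done
    # Rules are checked in order and the first match wins, so the
    # catch-all REJECT must be appended after every ACCEPT.
    echo "iptables -A INPUT -p tcp --dport $service -j REJECT"
}

# Constructed sample input: addresses from the 192.0.2.0/24 documentation range.
allowlist_rules smtp 192.0.2.10 192.0.2.11 192.0.2.12
```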
2.7.3 Discussion
You can also block access at other levels, such as TCP-wrappers. [Recipe 3.9] [Recipe 3.11]
2.7.4 See Also
iptables(8), ipchains(8).