How to add multiple ip address for login to ssh for iptables

Support for security such as Firewalls and securing linux
Drexxor
Posts: 13
Joined: 2006/10/22 14:04:19


Post by Drexxor » 2006/10/23 00:40:49

How would I add more IP addresses to access the server, because there is one of my friends and me SSHing to the server?

Thanks,
drexxor

khronous
Posts: 111
Joined: 2005/11/12 11:46:48
Location: Philippines


Post by khronous » 2006/10/23 02:16:40

Try doing this.

-A INPUT -m state --state NEW -p tcp -m tcp -s (ip-address) --dport 22 -j ACCEPT

-s is your permitted IP address
The --dport directive specifies the port for SSH (22)

-A INPUT -m state --state NEW -p tcp -m tcp -s ! (ip-address) --dport 22 -j DROP

And here, the '!' means not, so you can drop or reject that packet if you want to.
And if possible, DROP should be the default policy for INPUT in the filter table.
It makes sense to do that when you have a firewall.
Hope this helps! Good luck!
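
For the multiple-address case asked about in this thread, an added example (not code from either poster): a shell function that prints one ACCEPT rule per allowed address and then a single non-negated DROP, because a `-s !` DROP written for one address also matches the other allowed address. The function names are hypothetical and the two addresses are constructed documentation addresses.

```shell
#!/bin/sh
# Added example: build SSH allow-list rules in the "-A INPUT ..." form used above.
# The sample addresses at the bottom are constructed (RFC 5737 documentation ranges).

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|""|.*|*.|*..*) return 1 ;;   # stray characters or empty octets
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print one ACCEPT rule per allowed address, then one DROP for every other
# new connection to port 22. Order matters: the DROP must come last.
# Returns 1 and prints no rules if the list is empty or any address is invalid,
# so a typo cannot produce a rule set that locks everyone out.
ssh_allow_rules() {
    [ "$#" -gt 0 ] || { echo "no addresses given" >&2; return 1; }
    for ip in "$@"; do
        if ! is_ipv4 "$ip"; then
            echo "invalid address: $ip" >&2
            return 1
        fi
    done
    for ip in "$@"; do
        echo "-A INPUT -m state --state NEW -p tcp -m tcp -s $ip --dport 22 -j ACCEPT"
    done
    echo "-A INPUT -m state --state NEW -p tcp -m tcp --dport 22 -j DROP"
}

# Two allowed clients (constructed addresses).
ssh_allow_rules 192.0.2.10 198.51.100.25
```

The printed lines go into the filter table in this order; keep an existing SSH session open while loading them so a mistake can be undone.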
