Can someone tell me if I edit the iptables file manually to create a rule to deny ANY access to a server or do I need to use the gui?
On Fri, Jan 06, 2006 at 06:56:52AM -0600, Andrew Rice wrote:
> Can someone tell me if I edit the iptables file manually to create a rule to deny ANY access to a server or do I need to use the gui?
You can edit /etc/sysconfig/iptables for that, of course.
However, the correct way to do it, by RHEL standards, is to use iptables to put the rules you want in place, and then use "service iptables save" to commit it to /etc/sysconfig/iptables.
Best Regards,
--
Rodrigo Barbosa rodrigob@suespammers.org
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
On Fri, 6 Jan 2006, Andrew Rice wrote:
> Can someone tell me if I edit the iptables file manually to create a rule to deny ANY access to a server or do I need to use the gui?
If you know how to do it then there is no problem with editing rules manually.
Just make sure that the rules are saved in the relevant script and not just run manually, otherwise restarting iptables or rebooting the machine would lose the setting.
Lance
Andrew Rice andrew@nams.net wrote:
> Can someone tell me if I edit the iptables file manually to create a rule to deny ANY access to a server or do I need to use the gui?
You can do it a number of ways.
You can run the iptables command directly at the command line, then run "service iptables save" and it will integrate it into the "/etc/sysconfig/iptables" ruleset.
One way that I have found to be a nice, easy-to-use solution is the Shorewall iptables configuration program. It is available in the CentOS os repository. It may be overkill, but it also allows you to control many other aspects of the firewall with simple configuration files.
Peter
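
The replies above warn that rules entered by hand disappear on restart unless "service iptables save" has written them to /etc/sysconfig/iptables. The script below is an added example, not part of the original thread: it compares a dump of the running rules with the saved file and lists what has not been saved. The function names and both sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# Added example: report rules that are live but missing from the saved file.
# Entries are compared as a set, so a pure reordering of rules is not flagged.

# Reduce an iptables-save style dump to sorted "table<TAB>rule" lines,
# dropping comments, COMMIT markers and packet/byte counters.
normalize() {
    awk '
        /^#/ || NF == 0 || $0 == "COMMIT" { next }
        /^\*/ { table = substr($0, 2); next }
        { sub(/^\[[0-9]+:[0-9]+\] /, ""); sub(/ \[[0-9]+:[0-9]+\]$/, "")
          print table "\t" $0 }
    ' "$1" | LC_ALL=C sort
}

# Print entries present in the running dump ($1) but absent from the saved file ($2).
unsaved_rules() {
    r=$(mktemp) || return 1
    s=$(mktemp) || { rm -f "$r"; return 1; }
    normalize "$1" > "$r"
    normalize "$2" > "$s"
    LC_ALL=C comm -23 "$r" "$s"
    rm -f "$r" "$s"
}

# Constructed sample data (192.0.2.0/24 is a documentation address range).
demo_dir=$(mktemp -d)
cat > "$demo_dir/saved" <<'EOF'
# constructed stand-in for /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
cat > "$demo_dir/running" <<'EOF'
# constructed stand-in for iptables-save output
*filter
:INPUT DROP [12:840]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [35:2100]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 192.0.2.10 -j DROP
COMMIT
EOF
unsaved_rules "$demo_dir/running" "$demo_dir/saved"
```

On a real host the first argument would be a file written by `iptables-save` and the second /etc/sysconfig/iptables; empty output means the running rules are all in the saved file.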
Andrew Rice wrote:
> Can someone tell me if I edit the iptables file manually to create a rule to deny ANY access to a server or do I need to use the gui?