Archives
Archives
| From: | Norberto Bensa <nbensa@×××.net> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Subject: | Re: [gentoo-user] IPtables question | ||
| Date: | Thu, 01 Feb 2007 04:04:45 | ||
| Message-Id: | 200702010058.35787.nbensa@gmx.net | ||
| In Reply to: | [gentoo-user] IPtables question by James Colby |
||
| 1 | James Colby wrote: |
| 2 | > currently forwarding all ssh traffic to my gentoo box. What I would |
| 3 | > like to do is set up iptables to only allow ssh logins from a small |
| 4 | > number of internet hosts, |
| 5 | |
| 6 | iptables -A INPUT -s ip-address-of-know-host --dport 22 -j ACCEPT |
| 7 | |
| 8 | |
| 9 | > and to reject and log all other ssh |
| 10 | > attempts. |
| 11 | |
| 12 | iptables -A INPUT --dport 22 -j LOG |
| 13 | iptables -A INPUT --dport 22 -j REJECT |
| 14 | |
| 15 | Regards, |
| 16 | Norberto |