Re: [PLUG] IPChains Question: HTTP port access

Timothy Lee Young on Fri, 2 Nov 2001 13:50:10 +0100

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] IPChains Question: HTTP port access

From: Timothy Lee Young <youtim73@netaxs.com>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] IPChains Question: HTTP port access

Date: Fri, 2 Nov 2001 07:38:45 -0500 (EST)

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

The IP addresses will not be changing... ethernet addresses are cool, but I'd rather stick with IP addresses. There will be just a few, non-contiguous IP addresses that I want to allow access to the HTTP port. I've considered IPtables--and I run Red Hat Linux 7.2 so it should be able to do it, but don't I have to do things like insmod or enable IP tables in the kernel? I don't quite feel ready to fool around with the kernel on this yet, and IPchains is readily available. On Thu, 1 Nov 2001 paul@dpagin.net wrote: > Is there any possibility of the IP addresses changing? If the > computers are on the same network segment, you might be able to use > MAC addresses instead of IPs. > > I can't pull the syntax out of my hat right now. Have you looked at > the IPchains HOWTO? > > It might be a good idea to get used to IPtables instead of IPchains. > > > > Timothy Lee Young wrote: > > > > Greetings, all! > > > > I'm new to the world of IPchains firewall, and I'm attempting to secure a > > Linux server. I know a few IPChains basics, such as I have closed off my > > designated server to all traffic (types of services, http/telnet/etc) from > > all users, except I have it opened for 'all traffic' for certain designated > > users. But here's my question-- > > > > Instead of closing off the server the way I have, I'd prefer to leave the > > server and traffic open to all, except I'd like to close off HTTP port 3000 > > to everyone reading it EXCEPT a few designated IP addresses (so these > > designated machines can read/pull data from HTTP port 3000). I have a > > network monitoring package running and users can view it's data on HTTP port > > 3000, and would like only users on select machines (IP addresses) to access & > > view the data (web page). What is the IPchains command/setup to do this? > > > > Thanks, in advance for all your help! > > Tim > > > > ______________________________________________________________________ > > Philadelphia Linux Users Group - http://www.phillylinux.org > > Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce > > General Discussion - http://lists.phillylinux.org/mail/listinfo/plug > > ______________________________________________________________________ > Philadelphia Linux Users Group - http://www.phillylinux.org > Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce > General Discussion - http://lists.phillylinux.org/mail/listinfo/plug > ______________________________________________________________________ Philadelphia Linux Users Group - http://www.phillylinux.org Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce General Discussion - http://lists.phillylinux.org/mail/listinfo/plug

Follow-Ups:

Re: [PLUG] IPChains Question: HTTP port access
From: gabriel rosenkoetter <gr@eclipsed.net>

Re: [PLUG] IPChains Question: HTTP port access
From: paul@dpagin.net

References:

Re: [PLUG] IPChains Question: HTTP port access
From: paul@dpagin.net

Prev by Date: Re: [PLUG] Favorite Recruiter/Headhunter?

Next by Date: Re: SuSE 7.3 (Re: [RE: [RE: [[PLUG] Fonts?]]])

Previous by thread: Re: [PLUG] IPChains Question: HTTP port access

Next by thread: Re: [PLUG] IPChains Question: HTTP port access

Index(es):

Date

Thread