|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] iptables question
|
You can specify the source IP's. Since the dport is 80 you don't need
to have a :80 on the DNAT. If you were changing the the destination
port to something like 8080 then you would have to nat the port.
iptables -t nat -A PREROUTING -s 232.232.0.0/16 -p tcp --dport 80 -i
eth0 -j DNAT \
--to 192.168.1.69
Michael Whitman wrote:
>
> I want to make http port 80 accessible only to a certain range of ips (like
> 232.232.***.***)
>
> /sbin/iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j DNAT --to
> 192.16\
> 8.1.69:80
>
> what do i need to add to that statement?
>
> Also I see you can limit by MAC address, I couldnt get that to
> work. Anyone ever done that?
>
> -Mike
>
> ______________________________________________________________________
> Philadelphia Linux Users Group - http://www.phillylinux.org
> Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
> General Discussion - http://lists.phillylinux.org/mail/listinfo/plug
--
Rev. LeRoy D. Cressy mailto:leroy@lrcressy.com /\_/\
http://lrcressy.com ( o.o )
Phone: 215-535-4037 > ^ <
Jesus saith unto him, I am the way, the truth, and the life:
no man cometh unto the Father, but by me. (John 14:6)
______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug
|
|