From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HCMaU-0006Zl-8N for garchives@archives.gentoo.org; Wed, 31 Jan 2007 21:01:50 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.8/8.13.8) with SMTP id l0VL0hYL012962; Wed, 31 Jan 2007 21:00:43 GMT Received: from out4.smtp.messagingengine.com (out4.smtp.messagingengine.com [66.111.4.28]) by robin.gentoo.org (8.13.8/8.13.8) with ESMTP id l0VKuKA4007551 for ; Wed, 31 Jan 2007 20:56:20 GMT Received: from out1.internal (unknown [10.202.2.149]) by out1.messagingengine.com (Postfix) with ESMTP id C615E9CBFD for ; Wed, 31 Jan 2007 15:56:19 -0500 (EST) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by out1.internal (MEProxy); Wed, 31 Jan 2007 15:56:19 -0500 X-Sasl-enc: 7FzvslZ6UMDRKNQ3Wr6Ii7QtSzROgS5HWixWX0PgSLRy 1170276979 Received: from [192.168.31.10] (cpe-76-185-203-114.tx.res.rr.com [76.185.203.114]) by www.fastmail.fm (Postfix) with ESMTP id 625D623529 for ; Wed, 31 Jan 2007 15:56:19 -0500 (EST) Subject: Re: [gentoo-user] IPtables question From: Albert Hopkins To: gentoo-user@lists.gentoo.org In-Reply-To: References: Content-Type: text/plain Organization: Gentoo Foundation Date: Wed, 31 Jan 2007 14:56:18 -0600 Message-Id: <1170276978.31556.3.camel@blackwidow.nbk> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.8.2.1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 89c7e2b2-bf83-4b2b-b1ce-e9c0dcef3978 X-Archives-Hash: ffa34153df5f3c1cb90f7c3ccdfcf689 On Wed, 2007-01-31 at 15:36 -0500, James Colby wrote: > List members - > > I have a small home server that I have connected to the internet > through a linksys router and cable modem. The linksys router is > currently forwarding all ssh traffic to my gentoo box. What I would > like to do is set up iptables to only allow ssh logins from a small > number of internet hosts, and to reject and log all other ssh > attempts. Can someone please help me out with this. All of the > tutorials and documentation that I have found are setting up a fully > functioning firewall / NAT / proxy, and I think that is a little > overkill for my needs.s If you don't want the whole iptables suite you might want to consider good ole hosts.allow/hosts.deny as an alternative. They work fine with sshd if you have tcpwrappers enabled. -- gentoo-user@gentoo.org mailing list