From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.54) id 1FOEX0-0005IW-6I for garchives@archives.gentoo.org; Tue, 28 Mar 2006 13:46:46 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.6/8.13.5) with SMTP id k2SDifYW026335; Tue, 28 Mar 2006 13:44:41 GMT Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.239]) by robin.gentoo.org (8.13.6/8.13.5) with ESMTP id k2SDcc7k002924 for ; Tue, 28 Mar 2006 13:38:39 GMT Received: by wproxy.gmail.com with SMTP id 50so1457669wri for ; Tue, 28 Mar 2006 05:38:38 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=qdFRXq1u/z85Ftm2gs0uNtnk86bHx3s7xKXkAZ8kOwocqhy6P/lZrGoDRpFu9+g2s1OhnNtvPdbcYEBKQkF1Z2/bxLyVYJ0QXjsWehpNjFWUz60LgAtNcigtXrmek1uvb9dSSrGsIuv9vnBmhajPrgeZQ58CTorbI2vcr0AD+EU= Received: by 10.65.53.10 with SMTP id f10mr3416757qbk; Tue, 28 Mar 2006 05:38:38 -0800 (PST) Received: by 10.65.155.20 with HTTP; Tue, 28 Mar 2006 05:38:38 -0800 (PST) Message-ID: Date: Tue, 28 Mar 2006 19:08:38 +0530 From: "Hiren Dave" To: gentoo-user@lists.gentoo.org, VGLUG@googlegroups.com Subject: [gentoo-user] iptables question Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_28438_314358.1143553118346" X-Archives-Salt: 87b40b92-3589-46ca-b8a6-73dbc653074e X-Archives-Hash: 5ffa11d59f125dfbbbc6f72011d28dff ------=_Part_28438_314358.1143553118346 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hi, I want to configure firewall such that network 192.168.1.0/24 can only access http server from server1(192.168.0.2/24) and network 192.168.0.0/24 can not access http server. So I tried this: #service iptables stop #iptables -P INPUT DROP #iptables -t filter -A INPUT -s 192.168.1.0/24 --dport 80 -j ACCEPT But this command sends error that "Unknown arg: --dport" HOW CAN I ACHIEVE THIS? ALSO IS THERE ANY BOOKS OR ONLINE DOCUMENTS FOR PRACTICALLY LEARNING OF IPTABLES? TnR Hiren ------=_Part_28438_314358.1143553118346 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline

Hi,

I want to configure firewall such that network 192.168.1.0/24 can
only access http server from server1(192.168.0.2/24) and
network 192.168.0.0/24 can not access http server. So I tried this:

#service iptables stop
#iptables -P INPUT DROP
#iptables -t filter= -A INPUT -s 192.168.1.0/24 --dport 8= 0 -j ACCEPT

But this command sends error that "Unknown arg: --dport"

HOW CAN I ACHIEVE THIS?
 
ALSO IS THERE ANY BOOKS OR ONLINE DOCUMENTS FOR PRACTICALLY LEARN= ING OF IPTABLES?

TnR
Hiren

------=_Part_28438_314358.1143553118346-- -- gentoo-user@gentoo.org mailing list