The Planet Forums > open port to certain IPs.

The Planet Forums > Security > Firewalls

gordonrp

Jan 25 2005, 11:37 AM

How can I open a port to certain IP addresses (more than one), but block all other traffic?

Which file should I edit, and what should I put in it?

tia
gp

Bruceleeon

Jan 25 2005, 02:17 PM

are you using APF? or some other firewall?

gordonrp

Jan 25 2005, 02:20 PM

yes apf thanks

gp

gordonrp

Jan 25 2005, 03:06 PM

I just found this:

QUOTE

Syntax:
proto:flow:[s/d]=port:[s/d]=ip(/mask)
s - source , d - destination , flow - packet flow in/out

Examples:
inbound to destination port 22 from 24.202.16.11
tcp:in:d=22:s=24.202.16.11

outbound to destination port 23 to destination host 24.2.11.9
out:d=23:d=24.2.11.9

inbound to destination port 3306 from 24.202.11.0/24
d=3306:s=24.202.11.0/24

For a mysql server should the port be open just inbdound, or both inbound and outbound?

tia
gp

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.