Re: how would I write this complex ip tables rule


 



Technical wrote:

I want anyone to access my web server;
I want no one from idiot.com except joe.idiot.com and mary.idiot to access
my web server... thanks




For something this specific, you might be better off telling iptables to let in all traffic for port 80, then configuring your web server (Apache, I presume) to set who can access what from where.

I believe that would go something like this in the relevant bits of httpd.conf.

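# Deny rules are evaluated first, then Allow rules. A host that matches
# an Allow rule gets in even if it also matches a Deny rule, and hosts
# that match neither list are allowed by default.
Order Deny,Allow
    Deny from idiot.com
    Allow from joe.idiot.com
    Allow from mary.idiot.com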

By putting this in the webserver config rather than the firewall config, you'll be keeping everything 'non-standard' in one place instead of two, making it less likely that you'll forget about your changes later.
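
An added example, not part of the original message: a small Python model of how Apache's Order directive combines Allow and Deny lists, run over constructed host names for both orderings. It assumes the client host name is already known; Apache itself obtains it through a double reverse DNS lookup.

```python
# Added example: a model of Apache's Order/Allow/Deny evaluation.
# Host names and rule lists below are constructed for illustration.

def host_matches(spec, host):
    """Match an Allow/Deny 'from' spec against a client host name."""
    if spec == "all":
        return True
    spec, host = spec.lower().rstrip("."), host.lower().rstrip(".")
    # Partial domain names match on whole label boundaries only, so
    # "idiot.com" matches "joe.idiot.com" but not "notidiot.com".
    return host == spec or host.endswith("." + spec)

def access_allowed(order, allow, deny, host):
    """Return True if `host` is admitted under the given Order."""
    allowed = any(host_matches(s, host) for s in allow)
    denied = any(host_matches(s, host) for s in deny)
    if order == "Deny,Allow":
        # Deny first, then Allow: an Allow match wins; default is allow.
        return allowed or not denied
    if order == "Allow,Deny":
        # Allow first, then Deny: a Deny match wins; default is deny.
        return allowed and not denied
    raise ValueError("unsupported Order: %r" % order)

ALLOW = ["joe.idiot.com", "mary.idiot.com"]
DENY = ["idiot.com"]
HOSTS = ["joe.idiot.com", "mary.idiot.com", "bob.idiot.com",
         "www.example.org", "notidiot.com"]

def decisions(order, allow, deny):
    """Evaluate every sample host under one rule set."""
    return {h: access_allowed(order, allow, deny, h) for h in HOSTS}

if __name__ == "__main__":
    # Second case adds "Allow from all" to show that Deny still wins there.
    for order, allow in (("Deny,Allow", ALLOW), ("Allow,Deny", ALLOW + ["all"])):
        print(order, "allow =", allow)
        for host, ok in decisions(order, allow, DENY).items():
            print("   %-18s %s" % (host, "allow" if ok else "deny"))
```
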



