Am Do, den 02.12.2004 schrieb Vinicius um 1:59: > how to create a complex rule with system-config-securitylevel, please? Didn't I already answer you to the same question a couple of days ago, that this is not possible? This is a very basic tool > For example, I would like to enable a range of public IP's to access a > specified port and block the rest. www.netfilter.org and please learn the syntax of iptables. iptables -A INPUT -i eth0 -s 123.123.123.0/24 --dport 1234 -j ACCEPT iptables -A INPUT -i eth0 -s 0/0 --dport 1234 -j REJECT --reject-with icmp-port-unreachable This would for instance allow the subnet 123.123.123.0 to 123.123.123.255 to connect on port 1234 which comes in through ethernet device eth0. All other incoming connections through eth0 on port 1234 are rejected. > TIA, Vinicius. Alexander -- Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.9-1.6_FC2smp Serendipity 02:21:51 up 11 days, 21:09, load average: 0.10, 0.28, 0.43
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil