Solved

Range of ip's with ipchains?

Posted on 2000-02-17
2
224 Views
Last Modified: 2010-04-20
I'm trying to set up a firewall with ipchains on a dialin server which would allow internet access but limit access to the LAN. The dialup server is a different machine than the gateway so I need some way of denying packets that are going to the local network.I tried to use the
ipchains -A output -i eth0 -d ! x.x.x.x
-j ACCEPT

directive, where x.x.x.x is the base address of the LAN as in 192.168.8.0 but this does not work. I have a statement with Masquerading as well, but that doesn't work either(this statement may be wrong though...) I've also tried restricting access to only the gateway machine, which worked, but then I was restricted from internet access as well.
The only way I can see that it would work would be to put in individual DENY statements for each of the machines on the LAN. I really don't want to have to do this, so I was wondering if there's a way to specify a range of addresses in a DENY statement? I thought by using the base address(192.168.8.0) it would deny to all machines(192.168.8.*) but that's not the case.
Please help,

Thanks
0
Comment
Question by:tibori
2 Comments
 
LVL 3

Accepted Solution

by:
RobWMartin earned 0 total points
ID: 2532997
Out of context, I don't understand what the ipchains command you supplied is doing.  However, to get a range of addresses you can use the netmask.  Short form looks like this:

X.X.X.X/24

where the 24 is the number of bits on the left to match; in this case 24 bits means the first 3 numbers.  16 would be the first 2 numbers. etc.

Rob
0
 
LVL 3

Author Comment

by:tibori
ID: 2533049
Thanks, that's what I needed, and it worked.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question