Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Range of ip's with ipchains?

Posted on 2000-02-17
2
Medium Priority
?
236 Views
Last Modified: 2010-04-20
I'm trying to set up a firewall with ipchains on a dialin server which would allow internet access but limit access to the LAN. The dialup server is a different machine than the gateway so I need some way of denying packets that are going to the local network.I tried to use the
ipchains -A output -i eth0 -d ! x.x.x.x
-j ACCEPT

directive, where x.x.x.x is the base address of the LAN as in 192.168.8.0 but this does not work. I have a statement with Masquerading as well, but that doesn't work either(this statement may be wrong though...) I've also tried restricting access to only the gateway machine, which worked, but then I was restricted from internet access as well.
The only way I can see that it would work would be to put in individual DENY statements for each of the machines on the LAN. I really don't want to have to do this, so I was wondering if there's a way to specify a range of addresses in a DENY statement? I thought by using the base address(192.168.8.0) it would deny to all machines(192.168.8.*) but that's not the case.
Please help,

Thanks
0
Comment
Question by:tibori
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 3

Accepted Solution

by:
RobWMartin earned 0 total points
ID: 2532997
Out of context, I don't understand what the ipchains command you supplied is doing.  However, to get a range of addresses you can use the netmask.  Short form looks like this:

X.X.X.X/24

where the 24 is the number of bits on the left to match; in this case 24 bits means the first 3 numbers.  16 would be the first 2 numbers. etc.

Rob
0
 
LVL 3

Author Comment

by:tibori
ID: 2533049
Thanks, that's what I needed, and it worked.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question