Solved

Range of ip's with ipchains?

Posted on 2000-02-17
Last Modified: 2010-04-20
I'm trying to set up a firewall with ipchains on a dialin server which would allow internet access but limit access to the LAN. The dialup server is a different machine than the gateway so I need some way of denying packets that are going to the local network. I tried to use the
ipchains -A output -i eth0 -d ! x.x.x.x -j ACCEPT

directive, where x.x.x.x is the base address of the LAN as in 192.168.8.0 but this does not work. I have a statement with Masquerading as well, but that doesn't work either (this statement may be wrong though...). I've also tried restricting access to only the gateway machine, which worked, but then I was restricted from internet access as well.
The only way I can see that it would work would be to put in individual DENY statements for each of the machines on the LAN. I really don't want to have to do this, so I was wondering if there's a way to specify a range of addresses in a DENY statement? I thought by using the base address (192.168.8.0) it would deny to all machines (192.168.8.*) but that's not the case.
Please help,

Thanks
Question by:tibori
2 Comments
 

Accepted Solution

by:
RobWMartin earned 0 total points
ID: 2532997
Out of context, I don't understand what the ipchains command you supplied is doing.  However, to get a range of addresses you can use the netmask.  Short form looks like this:

X.X.X.X/24

where the 24 is the number of bits on the left to match; in this case 24 bits means the first 3 numbers. 16 would be the first 2 numbers, etc.

Rob
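
The prefix matching described in the answer above, as an added example that is not part of the original thread: a shell script that makes the same masked comparison a packet filter makes for an address/N spec, and shows why a bare 192.168.8.0 covers only one host. The function names and the sample host addresses other than 192.168.8.0 are constructed for illustration.

```shell
#!/bin/sh
# Added example: how a destination spec such as 192.168.8.0/24 is matched.
# Octets must not have leading zeros (the shell would read them as octal).

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Netmask for a prefix length 0-32: that many 1 bits on the left.
prefix_to_mask() { echo $(( (4294967295 << (32 - $1)) & 4294967295 )); }

# cidr_match ADDR SPEC: succeeds if ADDR falls inside SPEC.
# A SPEC without "/N" is treated as /32, i.e. exactly one host.
cidr_match() {
    a=$1 range=$2
    case $range in
        */*) net=${range%/*}; bits=${range#*/} ;;
        *)   net=$range; bits=32 ;;
    esac
    mask=$(prefix_to_mask "$bits")
    [ $(( $(ip_to_int "$a") & $mask )) -eq $(( $(ip_to_int "$net") & $mask )) ]
}

# List which of the constructed sample destinations a SPEC covers.
covered_by() {
    out=
    for host in 192.168.8.0 192.168.8.1 192.168.8.254 192.168.9.1 192.168.200.3; do
        if cidr_match "$host" "$1"; then out="$out $host"; fi
    done
    echo "${out# }"
}

for spec in 192.168.8.0 192.168.8.0/24 192.168.8.0/16; do
    echo "$spec covers: $(covered_by "$spec")"
done
```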

Author Comment

by:tibori
ID: 2533049
Thanks, that's what I needed, and it worked.