Solved

blocking some port from a particular IP

Posted on 2003-11-24
Last Modified: 2012-05-04
I wish to block some port only from a particular IP, using iptables. I.e., I wish to block my LAN users (only particular LAN users) from reaching a particular port on a particular IP.

Say an external IP (on the internet) is listening on ports 5000, 80, 8001. I wish to block my LAN users from port 5000 only on this IP, so that they can still reach other IPs listening on port 5000.

How can I do that?

Question by:hithayath
2 Comments
 

Expert Comment

by:philby11
ID: 9816416
Try TCP/IP filtering if you are on an NT (2k, XP) system.
From the properties of your LAN, go to TCP/IP properties - advanced - options - TCP/IP filtering - properties.
Here you can select the allowed ports.

0
 

Accepted Solution

by:
tieums earned 150 total points
ID: 9816788
Hi hithayath,

Using iptables it is possible to block a particular internal IP from reaching particular ports on a particular internet IP.

Before defining the props of your forward chain, run this command, or add the details at the top of the forward chain
in your iptables config file:

Example: I don't want 172.16.1.5 to access 217.128.123.4 port 5000

iptables -A FORWARD -p TCP -s 172.16.1.5 -d 217.128.123.4 --dport 5000 -j REJECT

It is important to use REJECT instead of DROP when restricting access from inside; this way blocked TCP connection
attempts do not wait for a timeout.

Hope this helps,
Tieums.
0
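The rule from the accepted answer, generalized to several LAN hosts, as an added example that is not part of the original thread. The function names and the second host 172.16.1.6 are constructed for illustration. It assumes `-I FORWARD 1` (insert at the top of the chain) in place of `-A`, with an `iptables -C` check so that re-running does not add duplicates.

```shell
#!/bin/sh
# Added example: prints iptables commands (dry run) instead of executing them.
# To apply as root: block_hosts 217.128.123.4 5000 172.16.1.5 172.16.1.6 | sh

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    rest=$1. ; n=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        n=$((n + 1))
    done
    [ "$n" -eq 4 ]
}

# block_rule SRC DST PORT: print one idempotent command that rejects TCP
# traffic from SRC to DST:PORT only; other destinations on PORT stay reachable.
block_rule() {
    src=$1 dst=$2 port=$3
    valid_ipv4 "$src" && valid_ipv4 "$dst" || { echo "bad address" >&2; return 1; }
    case "$port" in ''|*[!0-9]*) echo "bad port" >&2; return 1 ;; esac
    [ "${#port}" -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
        { echo "bad port" >&2; return 1; }
    # Plain REJECT as in the answer; "--reject-with tcp-reset" is an alternative.
    spec="-p tcp -s $src -d $dst --dport $port -j REJECT"
    # -C tests whether the rule exists; insert at position 1 only if it does not.
    echo "iptables -C FORWARD $spec 2>/dev/null || iptables -I FORWARD 1 $spec"
}

# block_hosts DST PORT SRC...: one rule per listed LAN host.
block_hosts() {
    b_dst=$1 b_port=$2; shift 2
    for host in "$@"; do
        block_rule "$host" "$b_dst" "$b_port" || return 1
    done
}
```

Review the printed commands before piping them to a root shell, then check the order with `iptables -L FORWARD -n --line-numbers`.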
