[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 478
  • Last Modified:

blocking some port from a particular IP

i wish to block some port  only from a particular IP. using IP tables. ie., I wish to block my Lan users ( only particular Lan Users) reaching particular port for a particular IP.

Say if a external IP ( in internet ) listening to ports 5000,80,8001. I wish to block my Lan users only to block 5000 port only to this IP. So that he can reach other IP listening to port 5000.

How can i do that?

0
hithayath
Asked:
hithayath
1 Solution
 
philby11Commented:
try TCP/IP filtering if you are on an NT (2k,xp) system.
From the properties of your LAN go toTCP/IP properties - advanced - options - tcp/ip filtering - properties.
Here you can select the allowed ports

0
 
tieumsCommented:
Hi hithayath,

Using IPTables it is possible to block particular internal IP to reach particular ports on a particular internet IP.

Before defining the props of your forward chain, run this command or add the details on top of the forward chain
in your iptables config file:

example: I don't want 172.16.1.5 to access 217.128.123.4 port 5000

iptables -A FORWARD -p TCP -s 172.16.1.5 -d 217.128.123.4 --dport 5000 -j REJECT

It is important to use REJECT instead of DROP, when restricting access from inside, this way blocked TCP connections
attempts are not waiting for timeout.

Hope this helps,
Tieums.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now