Solved

blocking some port from a particular IP

Posted on 2003-11-24
2
470 Views
Last Modified: 2012-05-04
i wish to block some port  only from a particular IP. using IP tables. ie., I wish to block my Lan users ( only particular Lan Users) reaching particular port for a particular IP.

Say if a external IP ( in internet ) listening to ports 5000,80,8001. I wish to block my Lan users only to block 5000 port only to this IP. So that he can reach other IP listening to port 5000.

How can i do that?

0
Comment
Question by:hithayath
2 Comments
 
LVL 7

Expert Comment

by:philby11
ID: 9816416
try TCP/IP filtering if you are on an NT (2k,xp) system.
From the properties of your LAN go toTCP/IP properties - advanced - options - tcp/ip filtering - properties.
Here you can select the allowed ports

0
 

Accepted Solution

by:
tieums earned 50 total points
ID: 9816788
Hi hithayath,

Using IPTables it is possible to block particular internal IP to reach particular ports on a particular internet IP.

Before defining the props of your forward chain, run this command or add the details on top of the forward chain
in your iptables config file:

example: I don't want 172.16.1.5 to access 217.128.123.4 port 5000

iptables -A FORWARD -p TCP -s 172.16.1.5 -d 217.128.123.4 --dport 5000 -j REJECT

It is important to use REJECT instead of DROP, when restricting access from inside, this way blocked TCP connections
attempts are not waiting for timeout.

Hope this helps,
Tieums.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Three simple tips to quickly and efficiently back up and protect the contents of your PC and Mac®.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now