Solved

blocking some port from a particular IP

Posted on 2003-11-24
2
473 Views
Last Modified: 2012-05-04
i wish to block some port  only from a particular IP. using IP tables. ie., I wish to block my Lan users ( only particular Lan Users) reaching particular port for a particular IP.

Say if a external IP ( in internet ) listening to ports 5000,80,8001. I wish to block my Lan users only to block 5000 port only to this IP. So that he can reach other IP listening to port 5000.

How can i do that?

0
Comment
Question by:hithayath
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Expert Comment

by:philby11
ID: 9816416
try TCP/IP filtering if you are on an NT (2k,xp) system.
From the properties of your LAN go toTCP/IP properties - advanced - options - tcp/ip filtering - properties.
Here you can select the allowed ports

0
 

Accepted Solution

by:
tieums earned 50 total points
ID: 9816788
Hi hithayath,

Using IPTables it is possible to block particular internal IP to reach particular ports on a particular internet IP.

Before defining the props of your forward chain, run this command or add the details on top of the forward chain
in your iptables config file:

example: I don't want 172.16.1.5 to access 217.128.123.4 port 5000

iptables -A FORWARD -p TCP -s 172.16.1.5 -d 217.128.123.4 --dport 5000 -j REJECT

It is important to use REJECT instead of DROP, when restricting access from inside, this way blocked TCP connections
attempts are not waiting for timeout.

Hope this helps,
Tieums.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question