
How do I allow specific IP addresses for xx port using iptables?

Posted on 2011-09-09
Last Modified: 2012-05-12
Good day experts

I currently have a WebSphere Application Server running on Linux SLES 10 SP2; I access the administrative console through port 9060. Although I have enabled security to access the admin console, I would also like to filter access by allowing only certain IP addresses through that port.

Would someone guide me on how to accomplish this through iptables? I've already read some docs about iptables and how rules/chains/targets work, but I'm still new to this command.

Thanks in advance
Question by:Arrismog

Expert Comment

by:jackiechen858
ID: 36512790
Edit /etc/sysconfig/SuSEfirewall2.

Find FW_SERVICES_ACCEPT_EXT, and add something like:
FW_SERVICES_ACCEPT_EXT="aa.bb.cc.dd/24,tcp,9060 "

Then restart the firewall:
/etc/init.d/SuSEfirewall2_setup restart

Expert Comment

by:jackiechen858
ID: 36512803
Or just reload the rule:

/etc/init.d/SuSEfirewall2_setup reload

Author Comment

by:Arrismog
ID: 36514064
@jackiechen858:

Thanks! Is there any way to do it with the iptables command?


Accepted Solution

by:
jackiechen858 earned 2000 total points
ID: 36516368

On Red Hat/CentOS, the iptables configuration file is /etc/sysconfig/iptables.

On SUSE Linux, it's /etc/sysconfig/SuSEfirewall2. My understanding is that SuSEfirewall is a wrapper around iptables (it will generate iptables rules for you, and it's easier to configure).

You can still run the iptables command from the console/terminal, but the settings will be gone after you restart the machine/SuSEfirewall. If you want to use an iptables-format configuration like /etc/sysconfig/iptables, you have to disable SuSEfirewall2 and set up an iptables initial script by yourself.




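The raw iptables equivalent of the allowlist discussed above, as an added example that is not part of the original thread: the script only prints the commands so they can be reviewed before being applied. The chain name WAS_ADMIN and the sample addresses are assumptions; as the accepted answer notes, rules applied this way are lost when the machine or SuSEfirewall2 restarts.

```shell
#!/bin/sh
# Added example: print iptables commands limiting one TCP port to an allowlist.
# CHAIN name and the sample addresses in the usage line are assumptions.
CHAIN=WAS_ADMIN

# Succeeds only for a.b.c.d or a.b.c.d/nn with octets 0-255 and nn 0-32.
valid_cidr() {
    addr=${1%/*}
    case $1 in */*) bits=${1#*/} ;; *) bits=32 ;; esac
    case $bits in ''|*[!0-9]*) return 1 ;; esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    [ "$bits" -le 32 ] 2>/dev/null || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# Usage: gen_rules PORT SOURCE...   e.g. gen_rules 9060 192.0.2.10 198.51.100.0/24
# Validates every argument first, so a typo never yields a partial rule set.
gen_rules() {
    port=$1
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    shift
    # An empty allowlist would leave only the DROP rule and lock everyone out.
    [ $# -gt 0 ] || { echo "no source addresses given" >&2; return 1; }
    for src in "$@"; do
        valid_cidr "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    # Dedicated chain: create it, or flush it if it already exists.
    echo "iptables -N $CHAIN 2>/dev/null || iptables -F $CHAIN"
    for src in "$@"; do
        echo "iptables -A $CHAIN -s $src -j ACCEPT"
    done
    echo "iptables -A $CHAIN -j DROP"
    # Remove any earlier jump, then put the jump first in INPUT.
    echo "iptables -D INPUT -p tcp --dport $port -j $CHAIN 2>/dev/null"
    echo "iptables -I INPUT 1 -p tcp --dport $port -j $CHAIN"
}

# Print the commands for review; pipe the output to "sh" as root to apply them.
if [ $# -gt 0 ]; then gen_rules "$@"; fi
```

Keeping the allowlist in its own chain means the list can be regenerated without touching the other INPUT rules.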
 

Author Closing Comment

by:Arrismog
ID: 36523956
It worked, thanks a lot!