Ping a Specific Port

Question

James White

Asked: 2015-08-06 22:23:50 +0800 CST2015-08-06 22:23:50 +0800 CST 2015-08-06 22:23:50 +0800 CST

Blocking LAN client WAN access with a exception rule

772

I'm trying to block a specific client access to the WAN with this:

iptables -I FORWARD -s 192.168.X.X -o $WAN_INTERFACE -j DROP

I however need a exception to allow outbound connections to a specific IP, so I need an ACCEPT rule before it in the right chain.

What is the best way to create this exception and block everything else?

1 Answers

Voted

alphamikevictor · Answer 1 · 2015-08-06T22:33:49+08:00

Best Answer

alphamikevictor

2015-08-06T22:33:49+08:002015-08-06T22:33:49+08:00

If you specify -I on iptables then you need to specify the rule number, what you can do is:

iptables -I FORWARD 1 -s ${limitedClient} -o ${WAN_INTERFACE} -j DROP
iptables -I FORWARD 1 -s ${limitedClient} -d ${limitedClientAccess} -o ${WAN_INTERFACE} -j ACCEPT

This way you will first insert a rule to deny this IP access to Internet, then you will put in first position a rule allowing specific access to this IP to somewhere.

1

Blocking LAN client WAN access with a exception rule

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?