thr3ads.net - Shorewall users - [Shorewall-users] restricting port to specific ip address [Apr 2002]

If this information is useful, please help other people find it:
Share via:

Eduardo Ferreira

2002-Apr-15 17:53 UTC

[Shorewall-users] restricting port to specific ip address

This is a multipart message in MIME format.
--=_alternative 0062484783256B9C_Content-Type: text/plain;
charset="us-ascii"

Hi all,

is it possible to restrict the use of an outbound port (from loc to net) 
to a specific ip address, i.e.:  if you use port xxxx you can only connect 
to ip address yyy.yyy.yyy.yyy? if it is, how do I implement it?

TIA,

Eduardo Ferreira

--=_alternative 0062484783256B9C_Content-Type: text/html;
charset="us-ascii"


<br><font size=2 face="sans-serif">Hi all,</font>
<br>
<br><font size=2 face="sans-serif">is it possible to
restrict the use of an outbound port (from loc to net) to a specific ip address,
i.e.: &nbsp;if you use port xxxx you can only connect to ip address
yyy.yyy.yyy.yyy? if it is, how do I implement it?</font>
<br>
<br><font size=2 face="sans-serif">TIA,</font>
<br>
<br><font size=2 face="sans-serif">Eduardo
Ferreira</font>
<br>
--=_alternative 0062484783256B9C_=--

Tom Eastep

2002-Apr-15 17:55 UTC

head link

[Shorewall-users] restricting port to specific ip address

On Mon, 15 Apr 2002, Eduardo Ferreira wrote:
> Hi all,
>
> is it possible to restrict the use of an outbound port (from loc to net)
> to a specific ip address, i.e.:  if you use port xxxx you can only connect
> to ip address yyy.yyy.yyy.yyy? if it is, how do I implement it?
>
> TIA,
In /etc/shorewall/rules:

REJECT	loc	net:!yyy.yyy.yyy.yyy	<protocol>	<port #>

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

Eduardo Ferreira

2002-Apr-15 17:58 UTC

head link

[Shorewall-users] restricting port to specific ip address

This is a multipart message in MIME format.
--=_alternative 0062B44D83256B9C_Content-Type: text/plain;
charset="us-ascii"

Tom,

worked like magic.  thanks a lot...





Tom Eastep <teastep@shorewall.net>
Sent by: shorewall-users-admin@shorewall.net
15/04/2002 14:55

 
        To:     Eduardo Ferreira <duda@icatu.com.br>
        cc:     "shorewall-users@shorewall.net"
<shorewall-users@shorewall.net>
        Subject:        Re: [Shorewall-users] restricting port to specific ip
address


On Mon, 15 Apr 2002, Eduardo Ferreira wrote:
> Hi all,
>
> is it possible to restrict the use of an outbound port (from loc to net)
> to a specific ip address, i.e.:  if you use port xxxx you can only 
connect> to ip address yyy.yyy.yyy.yyy? if it is, how do I implement it?
>
> TIA,
In /etc/shorewall/rules:

REJECT           loc             net:!yyy.yyy.yyy.yyy <protocol>  <port
#>

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

_______________________________________________
Shorewall-users mailing list
Shorewall-users@shorewall.net
http://www.shorewall.net/mailman/listinfo/shorewall-users



--=_alternative 0062B44D83256B9C_Content-Type: text/html;
charset="us-ascii"


<br><font size=2 face="sans-serif">Tom,</font>
<br>
<br><font size=2 face="sans-serif">worked like magic.
&nbsp;thanks a lot...</font>
<br>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td>
<td><font size=1 face="sans-serif"><b>Tom Eastep
&lt;teastep@shorewall.net&gt;</b></font>
<br><font size=1 face="sans-serif">Sent by:
shorewall-users-admin@shorewall.net</font>
<p><font size=1 face="sans-serif">15/04/2002
14:55</font>
<br>
<td><font size=1 face="Arial">&nbsp; &nbsp;
&nbsp; &nbsp; </font>
<br><font size=1 face="sans-serif">&nbsp; &nbsp;
&nbsp; &nbsp; To: &nbsp; &nbsp; &nbsp; &nbsp;Eduardo
Ferreira &lt;duda@icatu.com.br&gt;</font>
<br><font size=1 face="sans-serif">&nbsp; &nbsp;
&nbsp; &nbsp; cc: &nbsp; &nbsp; &nbsp;
&nbsp;&quot;shorewall-users@shorewall.net&quot;
&lt;shorewall-users@shorewall.net&gt;</font>
<br><font size=1 face="sans-serif">&nbsp; &nbsp;
&nbsp; &nbsp; Subject: &nbsp; &nbsp; &nbsp; &nbsp;Re:
[Shorewall-users] restricting port to specific ip
address</font></table>
<br>
<br>
<br><font size=2 face="Courier New">On Mon, 15 Apr 2002,
Eduardo Ferreira wrote:<br>
<br>
&gt; Hi all,<br>
&gt;<br>
&gt; is it possible to restrict the use of an outbound port (from loc to
net)<br>
&gt; to a specific ip address, i.e.: &nbsp;if you use port xxxx you can
only connect<br>
&gt; to ip address yyy.yyy.yyy.yyy? if it is, how do I implement
it?<br>
&gt;<br>
&gt; TIA,<br>
<br>
In /etc/shorewall/rules:<br>
<br>
REJECT &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; loc &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; net:!yyy.yyy.yyy.yyy &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&lt;protocol&gt; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &lt;port #&gt;<br>
<br>
-Tom<br>
--<br>
Tom Eastep &nbsp; &nbsp;\ Shorewall - iptables made easy<br>
AIM: tmeastep &nbsp;\ http://www.shorewall.net<br>
ICQ: #60745924 &nbsp;\ teastep@shorewall.net<br>
<br>
_______________________________________________<br>
Shorewall-users mailing list<br>
Shorewall-users@shorewall.net<br>
http://www.shorewall.net/mailman/listinfo/shorewall-users<br>
</font>
<br>
<br>
--=_alternative 0062B44D83256B9C_=--

Shorewall users - Apr 2002 - restricting port to specific ip address

[Shorewall-users] restricting port to specific ip address

[Shorewall-users] restricting port to specific ip address

[Shorewall-users] restricting port to specific ip address