Derek Organ
2004-Dec-08 10:20 UTC
[Shorewall-users] allowing ssh, ftp and mysql connection only from certain ip addresses?
Hi,

I have a Linux machine that has a public IP address accessible from anywhere.

I want to restrict ssh, ftp and mysql connections from only certain ip addresses.

------- policy -
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
fw net ACCEPT
net all DROP info
# The FOLLOWING POLICY MUST BE LAST
all all REJECT info

--- rules -
.
AllowMySQL net:1.2.3.4,1.2.3.5 fw
AllowSSH net:1.2.3.4,1.2.3.5 fw
AllowFTP net:1.2.3.4,1.2.3.5 fw

Where the ip addresses are 1.2.3.4 and 1.2.3.5 of the machines that are allowed access for argument sake?

Any help is greatly appreciated,

Regards,
Derek

Jeebers Ltd. eBusiness Solutions
Derek Organ
Invent Centre, Dublin City University, Dublin 9, Ireland
e: derek.organ@jeebers.com
w: http://www.jeebers.com
t: +353 (0)1 700 7593
m: +353 (0)87 251 0060
Tom Eastep
2004-Dec-08 18:22 UTC
Re: allowing ssh, ftp and mysql connection only from certain ip addresses?
On Wed, 2004-12-08 at 18:17 +0000, Derek Organ wrote:
> Hi,
>
> I have a Linux machine that has a public IP address accessible from
> anywhere.
>
> I want to restrict ssh, ftp and mysql connections from only certain ip
> addresses.
>
> ------- policy -
> #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
> fw net ACCEPT
> net all DROP info
> # The FOLLOWING POLICY MUST BE LAST
> all all REJECT info
>
> --- rules -
> .
> AllowMySQL net:1.2.3.4,1.2.3.5 fw
> AllowSSH net:1.2.3.4,1.2.3.5 fw
> AllowFTP net:1.2.3.4,1.2.3.5 fw
>
> Where the ip addresses are
> 1.2.3.4 and 1.2.3.5 of the machines that are allowed access for argument
> sake?
>
> Any help is greatly appreciated,

So what help do you need? -- assuming that you are running Debian and installed the .deb, what you have shown should work fine.

-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
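
The configuration in this thread can be read as "rules first, zone policy as the fallback". The following is an added example, not part of the thread and not Shorewall's own code: a simplified Python model of that lookup over the posted policy and rules. The function names and the port each Allow* action maps to (the service's default TCP port) are assumptions, and 203.0.113.7 is a constructed test address.

```python
import ipaddress

# Assumption: each Allow* action accepts the service's default TCP port.
ACTION_PORTS = {"AllowSSH": 22, "AllowFTP": 21, "AllowMySQL": 3306}

POLICY = """
fw   net  ACCEPT
net  all  DROP    info
# The FOLLOWING POLICY MUST BE LAST
all  all  REJECT  info
"""

RULES = """
AllowMySQL  net:1.2.3.4,1.2.3.5  fw
AllowSSH    net:1.2.3.4,1.2.3.5  fw
AllowFTP    net:1.2.3.4,1.2.3.5  fw
"""

def _rows(text):
    """Split a config body into column lists, dropping comments and blanks."""
    rows = (line.split("#", 1)[0].split() for line in text.splitlines())
    return [r for r in rows if len(r) >= 3]

def parse_rules(text):
    """Return (port, source zone, allowed networks or None, dest zone) tuples."""
    rules = []
    for action, source, dest, *_ in _rows(text):
        zone, _, hosts = source.partition(":")
        nets = [ipaddress.ip_network(h) for h in hosts.split(",")] if hosts else None
        rules.append((ACTION_PORTS[action], zone, nets, dest))
    return rules

def decide(src_zone, src_ip, dst_zone, port):
    """Verdict for a new TCP connection: first matching rule, else first matching policy."""
    ip = ipaddress.ip_address(src_ip)
    for rport, zone, nets, dest in parse_rules(RULES):
        if (rport, zone, dest) == (port, src_zone, dst_zone) and (
                nets is None or any(ip in n for n in nets)):
            return "ACCEPT"
    for src, dst, verdict, *_ in _rows(POLICY):
        if src in (src_zone, "all") and dst in (dst_zone, "all"):
            return verdict
    raise ValueError("no policy matched")

if __name__ == "__main__":
    for ip in ("1.2.3.4", "203.0.113.7"):
        print(ip, "-> ssh:", decide("net", ip, "fw", 22))
```

A host that is not listed matches no rule and falls through to the `net all DROP info` policy, which is why the three rules are enough to restrict the services to the two addresses.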