4 Nov 2005 04:44
I'm trying to write some iptables rules so that I can let someone telnet to machines on a 10.0.0.0 network but not allow them to telnet anywhere else, effectively blocking outbound telnet to ANYTHING except the machines on the 10.0.0.0 network. I thought I had it but I guess I don't. The rules are as follows:

    # allow outgoing telnet traffic
    /usr/sbin/iptables -A FORWARD -p TCP -i eth2 -d 10.0.0.0/8 --dport 23 -j ACCEPT
    # block all other outgoing telnet traffic
    /usr/sbin/iptables -A FORWARD -p TCP -i eth2 -d 0/0 --dport 23 -j DROP

This machine is a Compaq DL760 with 2 dual port 10/100 cards in it, and eth2 is the first port on card 2. Any help would be appreciated. Thanks!

-Ben
--
Atheism is a non-prophet organization.
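Whether the two rules above do what Ben intends depends entirely on where they sit in the FORWARD chain, since iptables stops at the first matching rule. The following is an added illustration, not code from the post: a small Python model of first-match chain evaluation that checks the stated intent (telnet into 10/8 allowed, telnet elsewhere dropped, other traffic left to the chain policy) against the posted order, the reversed order, and a hypothetical earlier blanket ACCEPT rule that "-A" would leave in front of them.

```python
import ipaddress
from dataclasses import dataclass

# Constructed model of the two FORWARD rules from the post, as
# (in_iface, dst_cidr, dst_port or None for any, target).
RULES_FROM_POST = [
    ("eth2", "10.0.0.0/8", 23, "ACCEPT"),
    ("eth2", "0.0.0.0/0", 23, "DROP"),   # "-d 0/0" is shorthand for 0.0.0.0/0
]

# Hypothetical earlier rule (e.g. a blanket "-i eth2 -j ACCEPT" left in the
# chain by an existing script). Because "-A" appends, the post's rules would
# land after it and never be reached for telnet traffic.
SHADOWED = [("eth2", "0.0.0.0/0", None, "ACCEPT")] + RULES_FROM_POST

@dataclass
class Packet:
    in_iface: str
    dst: str
    dport: int
    proto: str = "tcp"

def evaluate_chain(rules, pkt, policy="ACCEPT"):
    """Verdict for pkt: iptables walks the chain top to bottom and the first
    matching rule decides; if nothing matches, the chain policy applies."""
    for in_iface, cidr, dport, target in rules:
        if pkt.proto != "tcp" or pkt.in_iface != in_iface:
            continue
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(cidr):
            continue
        if dport is not None and pkt.dport != dport:
            continue
        return target
    return policy

def check_intended_policy(rules, policy="ACCEPT"):
    """Self-check of the intent stated in the post: telnet into 10/8 allowed,
    telnet anywhere else dropped, non-telnet traffic left to the policy."""
    return (
        evaluate_chain(rules, Packet("eth2", "10.20.30.40", 23), policy) == "ACCEPT"
        and evaluate_chain(rules, Packet("eth2", "192.0.2.10", 23), policy) == "DROP"
        and evaluate_chain(rules, Packet("eth2", "192.0.2.10", 80), policy) == policy
    )

if __name__ == "__main__":
    print("as posted:", check_intended_policy(RULES_FROM_POST))        # True
    print("reversed: ", check_intended_policy(RULES_FROM_POST[::-1]))  # False
    print("shadowed: ", check_intended_policy(SHADOWED))               # False
```

On the real box the equivalent check is `iptables -L FORWARD -n -v --line-numbers`, which shows the actual rule order and the per-rule packet counters, so an earlier rule absorbing the telnet traffic is visible immediately.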