Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] iptables-question
  • From: Graham Murray <graham@xxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 31 Dec 2001 10:31:26 +0000
  • Message-id: <m3bsgfhe9t.fsf@xxxxxxxxxxxxxxxxxxx>
da_bug <da_bug@xxxxxxx> writes:

> I have question about iptables:
>
> If I want to block e.g. telnet for my two ippp-devices I do it this
> way (this works very good :)):
>
> iptables -A INPUT -i ippp0 -p tcp --dport 23 -j DROP
> iptables -A INPUT -i ippp1 -p tcp --dport 23 -j DROP
>
>
> So my question:
> Is there a way that I don't need to write a rule for every single
> interface?

you could write "iptables -A INPUT -i ippp+ -p tcp --dport 23 -j DROP"

This would then apply to all "ippp" interfaces. Similarly, "eth+"
applies the rule to all ethernet interfaces.

< Previous Next >
References