Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] iptables-question
  • From: johannes.marloth@xxxxxxxxxxx (Johannes Marloth)
  • Date: Sun, 30 Dec 2001 16:47:40 +0100
  • Message-id: <PM-CH.20011230164740.1404E.1.1D@xxxxxxxxxxxxxxxxxx>
Hi da_bug,

* Sun, 30 Dec 2001 15:39:48 +0100 da_bug wrote:
> If I want to block e.g. telnet for my two ippp-devices I do it this
> way (this works very good :)):
>
> iptables -A INPUT -i ippp0 -p tcp --dport 23 -j DROP
> iptables -A INPUT -i ippp1 -p tcp --dport 23 -j DROP
>
> So my question:
> Is there a way that I don't need to write a rule for every single
> interface?

Perhaps you'll write a bash/shell script for your firewall, so it's
easy to do as you like:

DEVICES="ippp1 ippp2 ippp3 ippp4"

for DEV in $DEVICES
do
iptables -A INPUT -i $DEV -p tcp --dport 23 -j DROP
done


> Something like
> "iptables -A INPUT -i ippp0,ippp1 -p tcp --dport 23 -j DROP"
> (I know this does not work)

Simply NO!


HTH,
Johannes


< Previous Next >
This Thread
  • No further messages