Re: [opensuse] YaST firewall: restrict incoming based on source address

10 May 2007


      Benji Weber wrote:
...
On 5/10/07, Sorin Peste  wrote:
...
Hi,
I want to open a TCP port, but restrict access based on a list of source
IP addresses. Can this be accomplished by using the YaST Firewall
module? (I couldn't find anything for this). If not, what's the
recommended way of doing this in 10.2, so that the next time I use YaST
to open a port, my custom settings don't get wiped out?
yast -> system -> /etc/sysconfig editor -> network -> firewall ->
susefirewall2 -> FW_SERVICES_ACCEPT_EXT
It is in a space separated list of the following:
<network>,tcp,<destination portnumber>,<source port number>,[rate
limiting settings]
So for example:
192.168.0.0/24,tcp,22
should allow any ssh connections from IPs in the 192.168.0.* range.
_
Benjamin Weber
That worked great, thank you.
-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org