Stephen Benoit (Linux) wrote:
Hello, Frédéric.

To block (reject) a TCP port $SERVICE (22 in this case) on the external
interface, try a rule like:

# iptables -I INPUT 1 -j REJECT -p tcp -s 0/0 -i $EXTERNAL_INTERFACE --dport $SERVICE

With your earlier rules in place, tcp port 22 on the internal interface
and tcp port 12345 on the external interface should both still work.

Hi,

The server that I want to access through SSH is different from the firewall: the server is in the DMZ and has one network interface (chains INPUT or OUTPUT), while the firewall has two network interfaces (chain FORWARD). The INPUT chain on the firewall is not involved in the decision.


Regards.
--
==============================================
|              FRÉDÉRIC MASSOT               |
|     http://www.juliana-multimedia.com      |
|   mailto:[EMAIL PROTECTED]   |
===========================Debian=GNU/Linux===
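
The chain selection described in the reply above, as an added example that is not part of the original thread: a small Python model of the filter-table routing decision, showing that a REJECT in INPUT does not touch SSH traffic routed to a DMZ host while the same match in FORWARD does. The addresses, the interface name `eth0` and the helper names are assumptions, and NAT is not modelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional

# Constructed addressing (assumptions, not from the thread).
FIREWALL_ADDRS = {ip_address("203.0.113.1"), ip_address("192.168.10.1")}
EXT_IF = "eth0"  # hypothetical external interface name

@dataclass(frozen=True)
class Packet:
    in_iface: str
    dst: str
    dport: int
    proto: str = "tcp"

@dataclass(frozen=True)
class Rule:
    chain: str
    target: str
    proto: Optional[str] = None
    in_iface: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        # An unset field (None) matches any packet, like an omitted iptables option.
        return all(want is None or want == got for want, got in (
            (self.proto, pkt.proto), (self.in_iface, pkt.in_iface), (self.dport, pkt.dport)))

def chain_for(pkt: Packet) -> str:
    """Routing decision: packets addressed to the firewall go to INPUT, routed ones to FORWARD."""
    return "INPUT" if ip_address(pkt.dst) in FIREWALL_ADDRS else "FORWARD"

def verdict(rules, pkt, policy="ACCEPT"):
    """First matching rule in the traversed chain wins; otherwise the chain policy applies."""
    chain = chain_for(pkt)
    for rule in rules:
        if rule.chain == chain and rule.matches(pkt):
            return chain, rule.target
    return chain, policy

SSH_TO_DMZ = Packet(EXT_IF, "192.168.10.2", 22)   # constructed: SSH to the DMZ server
SSH_TO_FW = Packet(EXT_IF, "203.0.113.1", 22)     # constructed: SSH to the firewall itself
INPUT_REJECT = Rule("INPUT", "REJECT", "tcp", EXT_IF, 22)
FORWARD_REJECT = Rule("FORWARD", "REJECT", "tcp", EXT_IF, 22)

if __name__ == "__main__":
    for name, rules in (("INPUT rule", [INPUT_REJECT]), ("FORWARD rule", [FORWARD_REJECT])):
        for pkt in (SSH_TO_DMZ, SSH_TO_FW):
            print(name, pkt.dst, verdict(rules, pkt))
```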

