On Tue, 2004-05-18 at 18:26, Cosmin Dumitru wrote: > se da urmatorea linie din firewall: > #iptables -A FORWARD -p tcp -s! 192.168.0.7 --dport 1411 -j REJECT > care evident interzice accesul la infamul dc intregii retele cu > exceptia ipului 192.168.0.7 > cum pot sa mai adaug inca un ip pe lista celor permise? > multumesc pentru intelegere
iptables -I FORWARD <pos no> -s ip.su.rs.a --dport 1411 -j ACCEPT unde <pos no> este pozitia pe care vrei sa iti insereze regula in chain-ul forward. Eu de obicei pun "1", dar nu e o regula. Ideea e sa ajunga regula inserata deasupra regulii cu REJECT -- Tiberiu Ungureanu Network Engineer iNES Group SRL - Internet Dept. Tel: +40 21 2322112 / Fax: +40 21 2323461 Public GnuPG Key at http://www.ines.ro/public_keys/tbb.gpg -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQBAqixlhRWQH98Nj70RAgm7AJ4zNL30BQZHLsHuzBI8bmpdJBEPQQCg1jNO 7bcBin51VUQbNy0+9loYM8U= =aNxJ -----END PGP SIGNATURE----- --- Detalii despre listele noastre de mail: http://www.lug.ro/
