[TriLUG] iptables question - rule - from any domain *.ncsu.edu
lfwelty at nc.rr.com
lfwelty at nc.rr.com
Thu Aug 28 13:47:21 EDT 2003
gah! I'm an idiot - of course. Thanks!
Greg Cox wrote:
>>Rather than write a ruleset for each individual possible origination
>>ip - Can I add a single rule that says allow ssh from any ip within
>>the ncsu.edu domain?
>>ie. engr01ras-linux.eos.ncsu.edu and engr06ras.eos.ncsu.edu.
>> would both match.
>
>
> 1) Allow all ssh traffic, then use hosts.allow to restrict it.
>
> 2) iptable it to 152.1.0.0/16
>
> $ host engr06ras.eos.ncsu.edu
> engr06ras.eos.ncsu.edu has address 152.1.68.201
> $ lynx -source http://ws.arin.net/cgi-bin/whois.pl?queryinput=152.1.68.201|grep CIDR
> CIDR: 152.1.0.0/16
>
>
--
-----------------------------------------------------------------
lfwelty at nc.rr.com: Earth is a beta site, I just wish that damn
pink elephant would give me my mouse back.
-----------------------------------------------------------------
More information about the TriLUG
mailing list