[TriLUG] IP Tables rule to block all non-local traffic
Ron Kelley via TriLUG
trilug at trilug.org
Fri Oct 7 21:22:20 EDT 2016
Greetings all.
My IP Tables skills are very lacking, and I don’t want to break anything in the process. Thus, I am reaching out…
I need the right iptables command to do the following:
----------------------------------------------
* Allow any connection to any ip on the local subnet
* Allow any connection to any ip on an adjacent subnet
* Block all other traffic
server_ip: 192.168.100.21/24
adjacent_subnet: 172.16.0.0/16
# OUTPUT rules match the destination (-d), not the source (-s); no port match
# is needed when any port should be allowed
iptables -A OUTPUT -d 192.168.100.0/24 -j ACCEPT
iptables -A OUTPUT -d 172.16.0.0/16 -j ACCEPT
iptables -A OUTPUT -j REJECT
Thanks for any pointers.
-Ron
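A reviewable egress whitelist for the requirement in the post above (added example, not part of the original message). It keeps the two subnets from the post; the chain name OUTBOUND_FILTER, the loopback and conntrack rules, and the helper function names are assumptions chosen here.

```shell
#!/bin/sh
# Egress whitelist: allow the local and adjacent subnet, reject everything else.
# Added example; subnet values come from the post, chain name is assumed.
LOCAL_NET=192.168.100.0/24
ADJ_NET=172.16.0.0/16
CHAIN=OUTBOUND_FILTER

# gen_rules prints the iptables commands instead of running them, so the set
# can be reviewed (or diffed against `iptables-save`) before anything changes.
gen_rules() {
    cat <<EOF
iptables -N $CHAIN
iptables -A $CHAIN -o lo -j ACCEPT
iptables -A $CHAIN -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A $CHAIN -d $LOCAL_NET -j ACCEPT
iptables -A $CHAIN -d $ADJ_NET -j ACCEPT
iptables -A $CHAIN -j REJECT --reject-with icmp-admin-prohibited
iptables -I OUTPUT 1 -j $CHAIN
EOF
}

# Sanity checks on the generated rule set; these need no root privileges.
rule_count() { gen_rules | wc -l | tr -d ' '; }
# OUTPUT filtering must match on destination (-d); a -s match would be a bug.
uses_dst_match() {
    gen_rules | grep -q -- "-d $LOCAL_NET" && ! gen_rules | grep -q -- "-s $LOCAL_NET"
}
# The catch-all REJECT must be the last rule in the chain or it shadows the ACCEPTs.
reject_is_last() { gen_rules | grep -- "-A $CHAIN" | tail -n 1 | grep -q REJECT; }

apply_rules() {
    [ "$(id -u)" -eq 0 ] || { echo "apply_rules: must run as root" >&2; return 1; }
    gen_rules | sh -e
}

# Usage: ./egress.sh        -> print the rules for review
#        ./egress.sh apply  -> install them (run from a console, not over SSH)
if [ "$1" = "apply" ]; then apply_rules; else gen_rules; fi
```

Anything outside the two subnets, DNS resolvers and package mirrors included, stops working once this is applied, so check those addresses first; `iptables-apply` will roll the change back automatically if the session is lost.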