[ale] IPTABLES
JK
jknapka at kneuro.net
Fri Mar 9 16:32:24 EST 2007
[Sorry, forgot something... see below.]
JK wrote:
> Paul Cartwright wrote:
>
>> I was trying to move a file from my desktop to my laptop using winscp.
>> It wouldn't connect to my desktop. (desktop running SUSE 10.2). So I
>> started firestarter and then I could connect. What do I have to do to
>> get that connection without having to start firestarter?
>> man iptables scared me..
>> what I want to do is add an incoming rule from my laptop to my SUSE
>> desktop to allow winscp using port 22 to access my desktop.
>> command line??
>> iptables --append INBOUND ??????
>>
>
> iptables -I INPUT -s <laptop-ip> -p TCP --dport 22 -j ACCEPT
You may also want to add:
-i <interface on which you expect traffic from the laptop>
before the -j (e.g. -i eth1). That ensures that packets arriving
with the laptop's IP on a different interface (that is, spoofed
packets) are not accepted.
-- JK
> Of course, you must replace <laptop-ip> with the IP address
> of your laptop.
>
> Breakdown:
>
> -I = insert at the beginning
> INPUT = of the INPUT chain the following rule:
> -s <laptop-ip> = when the source address is <laptop-ip>
> -p TCP = and the protocol is TCP/IP
> --dport 22 = and the destination port is 22 (SSH)
> -j ACCEPT = then jump to the ACCEPT action.
>
> -- JK
>
>
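
Added example, not part of the original thread: a POSIX shell check that reads rules in the format printed by `iptables -S INPUT` and reports whether each rule accepting TCP port 22 is restricted by source address (-s) and by incoming interface (-i), the two restrictions discussed above. The function name and the sample rules (address 192.168.1.50, interface eth1) are constructed for illustration; negated matches such as `! -s` are not handled.

```shell
#!/bin/sh
# Constructed sample rules in `iptables -S INPUT` format (not from the thread).
SAMPLE_RULES='-P INPUT DROP
-A INPUT -s 192.168.1.50/32 -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.1.50/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2222 -j ACCEPT'

# audit_ssh_rules (hypothetical helper): reads rules on stdin and prints one
# finding for every INPUT rule that ACCEPTs destination port 22.
#   OK            rule has both -s and -i
#   NO-INTERFACE  rule has -s but no -i, so a spoofed source address
#                 arriving on another interface still matches
#   ANY-SOURCE    rule has no -s, so any host may connect
audit_ssh_rules() {
    while IFS= read -r rule; do
        case "$rule" in
            "-A INPUT "*"--dport 22 "*"-j ACCEPT"*) ;;
            *) continue ;;              # not an SSH accept rule
        esac
        src=no
        iface=no
        set -f                          # no glob expansion while splitting
        set -- $rule                    # split the rule into words
        set +f
        while [ $# -gt 0 ]; do
            case "$1" in
                -s|--source)       src=yes ;;
                -i|--in-interface) iface=yes ;;
            esac
            shift
        done
        if [ "$src" = no ]; then
            printf '%s\n' "ANY-SOURCE: $rule"
        elif [ "$iface" = no ]; then
            printf '%s\n' "NO-INTERFACE: $rule"
        else
            printf '%s\n' "OK: $rule"
        fi
    done
}

# Run against the constructed sample; on a live system (as root) use:
#   iptables -S INPUT | audit_ssh_rules
printf '%s\n' "$SAMPLE_RULES" | audit_ssh_rules
```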