Koozali.org: home of the SME Server

ipchains questions

tanos

ipchains questions
« on: April 22, 2003, 08:42:07 PM »
Hello,
I am working on e-smith 5.5 using ipchains.

If I want to refuse all access for the address 204.253.104.95 on my firewall, should I execute this line?

ipchains -A input -i ppp0 -p tcp -s 204.253.104.95 -j DENY

And what is the difference with this line?
ipchains -A input -i ppp0 -p tcp -s 204.253.104.95 -d $EXTIP/32 -j DENY

Thank you

Nathan Fowler

Re: ipchains questions
« Reply #1 on: April 22, 2003, 10:26:01 PM »
"ipchains -A input -i ppp0 -p tcp -s 204.253.104.95 -j DENY" translates to "Deny incoming packets on device PPP0 where the protocol is TCP and the source IP address is 204.253.104.95"

"ipchains -A input -i ppp0 -p tcp -s 204.253.104.95 -d $EXTIP/32 -j DENY" translates to "Deny incoming packets on device PPP0 where the protocol is TCP and the source IP is 204.253.104.95 and the destination IP is $EXTIP", where $EXTIP is a variable for your External IP address. The /32 is CIDR notation for a subnet mask of 255.255.255.255 (someone correct me if I am wrong).

CIDR
/32 = 255.255.255.255
/24 = 255.255.255.0
/16 = 255.255.0.0
/8 = 255.0.0.0



Both rules should accomplish what you want to do. Unless you specify a "-d" argument, ipchains assumes "anywhere" or 0.0.0.0. In this case, since the rule is incoming, it really shouldn't matter.

Hope this helped,
Nathan

tanos

Re: ipchains questions
« Reply #2 on: April 23, 2003, 12:35:14 AM »
Hello

This helps a lot.
If I made a mistake on the IP and I want to let this IP reach my server,
should I execute this line?
"ipchains -A input -i ppp0 -p tcp -s 204.253.104.95 -j allow"
Thank you

Nathan Fowler

Re: ipchains questions
« Reply #3 on: April 23, 2003, 12:39:58 AM »
Probably better if you just:
/etc/rc.d/init.d/masq restart
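
Added example, not part of the original thread or of e-smith: a small Python model of how an ipchains chain evaluates the two rules discussed above, where rules are checked in order, the first match decides, and a rule without -d matches any destination. The EXTIP value, the second destination address and the default ACCEPT policy are constructed assumptions for illustration.

```python
import ipaddress
from dataclasses import dataclass

EXTIP = "198.51.100.7"      # constructed stand-in for $EXTIP (documentation range)
BLOCKED = "204.253.104.95"  # source address from the thread

@dataclass
class Rule:
    iface: str
    proto: str
    src: str
    target: str
    dst: str = "0.0.0.0/0"  # no -d given: any destination matches

    def matches(self, pkt):
        return (pkt["iface"] == self.iface
                and pkt["proto"] == self.proto
                and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst))

def verdict(chain, pkt, policy="ACCEPT"):
    """Walk the chain in order; the first matching rule decides the packet's fate."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy  # assumed chain policy when nothing matches

def packet(src, dst=EXTIP, proto="tcp", iface="ppp0"):
    return {"iface": iface, "proto": proto, "src": src, "dst": dst}

# The two rules from the first post.
rule_any_dst = Rule("ppp0", "tcp", BLOCKED + "/32", "DENY")
rule_ext_dst = Rule("ppp0", "tcp", BLOCKED + "/32", "DENY", dst=EXTIP + "/32")

# -A appends to the end of the chain, so an ACCEPT added afterwards
# sits behind the DENY it was meant to undo and is never reached.
chain_after_append = [rule_any_dst, Rule("ppp0", "tcp", BLOCKED + "/32", "ACCEPT")]

if __name__ == "__main__":
    other = "192.168.1.10"  # constructed destination that is not EXTIP
    for name, chain in [("no -d", [rule_any_dst]), ("-d $EXTIP/32", [rule_ext_dst])]:
        print(name, "| tcp to EXTIP:", verdict(chain, packet(BLOCKED)))
        print(name, "| tcp to other:", verdict(chain, packet(BLOCKED, dst=other)))
        print(name, "| udp to EXTIP:", verdict(chain, packet(BLOCKED, proto="udp")))
    print("DENY then appended ACCEPT:", verdict(chain_after_append, packet(BLOCKED)))
```

Both rules carry -p tcp, so in this model UDP from the same source falls through to the chain policy.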