well, you got the general idea :) 2009/2/9 Tzafrir Cohen <tzafrir.co...@xorcom.com>
> On Mon, Feb 09, 2009 at 11:09:34AM +0000, Geraint Lee wrote: > > what about something along the lines of... > > > > iptables -A INPUT -p udp --dport 5060 -j DROP > > iptables -A INPUT -p udp -s 192.168.0.0/24 --dport 5060 -j ACCEPT > > iptables -A INPUT -p udp -s 10.0.0.0/8 --dport 5060 -j ACCEPT > > iptables -A INPUT -p udp -s 66.66.66.66 --dport 5060 -j ACCEPT > > Err... I guess you meant: > > iptables -A INPUT -p udp -s 192.168.0.0/24 --dport 5060 -j ACCEPT > iptables -A INPUT -p udp -s 10.0.0.0/8 --dport 5060 -j ACCEPT > iptables -A INPUT -p udp -s 66.66.66.66 --dport 5060 -j ACCEPT > # only if previous three did not match: > iptables -A INPUT -p udp --dport 5060 -j DROP > > -- > Tzafrir Cohen > icq#16849755 > jabber:tzafrir.co...@xorcom.com<jabber%3atzafrir.co...@xorcom.com> > +972-50-7952406 mailto:tzafrir.co...@xorcom.com > http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >
_______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
