hey guys...

I am redirecting my website data from my local server to the site.

The scenario is something like this.

We have a site which is hosted on a web hosting service provider. When
we click on some pages, it sends a request to my organisation's real IP on port
85. The iptables rules look like this:

-A PREROUTING -p tcp -m tcp --dport 85 -j DNAT --to-destination 192.168.11.5
-A PREROUTING -i eth0 -p tcp -m tcp --dport 85 -j DNAT --to-destination 192.168.11.5
-A PREROUTING -p tcp -m tcp --dport 1433 -j DNAT --to-destination 192.168.11.5
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1433 -j DNAT --to-destination 192.168.11.5
-A PREROUTING -p tcp -m tcp --dport 1434 -j DNAT --to-destination 192.168.11.5
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1434 -j DNAT --to-destination 192.168.11.5


Now I saw that it is not secure, and some people have directly accessed
our real IP with the port, xxx.xxx.xxx.xxx:85.

How can I block the requests of others while accepting them only from my
website address?

What I tried so far is this:

iptables -t nat -A PREROUTING -p tcp -m tcp --dport 85 -s xxx.xxx.xxx.xxx (my website address) -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -m tcp --dport -s 0.0.0.0/0 -j DROP


But it didn't work; all connections were dropped.

What is the problem? Is it somehow related to sequencing?

What should be the proper sequence: first accepting from my site, then
dropping others, and then redirecting?

Please, it is urgent.

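Added example, not part of the original post: the nat table is for address translation, so one way to accept only the website's address is to put the source match on the DNAT rule itself and do the dropping in the filter table's FORWARD chain, with the accept rule ahead of the drop. The function names, the argument order and the sample address 203.0.113.10 for the website are assumptions for illustration; the function only prints an iptables-restore ruleset.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset, applies nothing.
# Function names and argument order are assumptions for illustration.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# emit_rules WAN_IF ALLOWED_SRC INTERNAL_HOST PORT...
emit_rules() {
    [ "$#" -ge 4 ] || { echo "usage: emit_rules IF SRC DST PORT..." >&2; return 2; }
    wan_if=$1 src=$2 dst=$3
    shift 3
    case "$wan_if" in ""|*[!A-Za-z0-9_.-]*) echo "bad interface" >&2; return 2 ;; esac
    is_ipv4 "$src" && is_ipv4 "$dst" || { echo "bad IPv4 address" >&2; return 2; }
    for port in "$@"; do
        case "$port" in ""|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 2; }
    done

    # nat table: translate only connections that come from the allowed source.
    echo "*nat"
    for port in "$@"; do
        echo "-A PREROUTING -i $wan_if -s $src -p tcp -m tcp --dport $port -j DNAT --to-destination $dst"
    done
    echo "COMMIT"

    # filter table: the drop decision lives here, after the accept rules.
    echo "*filter"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for port in "$@"; do
        echo "-A FORWARD -i $wan_if -s $src -d $dst -p tcp -m tcp --dport $port -j ACCEPT"
        echo "-A FORWARD -i $wan_if -d $dst -p tcp -m tcp --dport $port -j DROP"
    done
    echo "COMMIT"
}
```

Check the output of, for example, emit_rules eth0 203.0.113.10 192.168.11.5 85 1433 1434 with iptables-restore --test, then load it with iptables-restore --noflush so other rules stay in place. The earlier DNAT rules without a source match have to be deleted, since they sit ahead of the appended ones and would still match first.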