Re: lug-bg: Re: lug-bg: =?windows-1251?Q?=CA=E0=EA_=E4=E0_=EE?= =?windows-1251?Q?=E3=F0=E0=ED=E8=F7=E0_=EF=EE_MAC_=E0=E4=F0=E5=F1_?= =?windows-1251?Q?=E8=EB=E8_=EF=EE_IP=3F?=

Georgi Ivanov Fri, 01 Oct 2004 10:21:55 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

atlas wrote:
| А има ли начин това да стане с IPTABLES по MAC адрес?
|
|
|>From: "Georgi Ivanov" <[EMAIL PROTECTED]>
|>Sent: Friday, October 01, 2004 6:50 PM
|>Subject: Re: lug-bg: Как да огранича по MAC адрес или по IP?
|>
| atlas wrote:
| | [EMAIL PROTECTED] [EMAIL PROTECTED],
| | <0< Linux <0H8=0 (Slakware v.10), :>OB> 5 [EMAIL PROTECTED] :J< Internet [EMAIL 
PROTECTED]
|
|> PPP0.
|
| | A25= B>20 8<0 8 <@56>2 040?B5@ ETH0, [EMAIL PROTECTED] :>9B> ?>4020 Internet :J<
| | [EMAIL PROTECTED] <8 <@560 (192.168.1.0/24).
| | J?@>A0 <8 5, :0: 40 >[EMAIL PROTECTED] 4>ABJ?0 4> <0H8=0B0 [EMAIL PROTECTED] PPP0 
40 AB020
|
|> A0<>
|
| | [EMAIL PROTECTED] :>=:@5B5= MAC [EMAIL PROTECTED] 8;8 :>=:@5B=> IP? 45OB0 <8 5 40 
:><0=420<
|
|> Linux
|
| | <0H8=0B0 [EMAIL PROTECTED] Internet [EMAIL PROTECTED]<[EMAIL PROTECTED]> [EMAIL PROTECTED] 
SSH ?>@B 22, => =5 8A:0< 40
|>[EMAIL PROTECTED]<
| | ?> ?>@B (iptables -A INPUT -i ppp0 -p tcp --dport 22 -j DROP)
| |
| | 0 F5;B0 AJ7404>E A;54=0B0 [EMAIL PROTECTED]:
| | ########################################################
| |  iptables -N block
| |
| |  iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
| |  iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
| |
| |  iptables -A block -m mac --mac-source 00:80:AD:62:15:A3 -j ACCEPT
| |
| |  iptables -A block -j DROP
| |
| |  iptables -A INPUT -j block
| |  iptables -A FORWARD -j block
| | ########################################################
| |
| | => =5I> =5 A5 ?>;CG020 (>[EMAIL PROTECTED]> ?> MAC =5 A5 ?>;CG020).
| | @>120E A >[EMAIL PROTECTED] ?> IP:
| |
| | iptables -A block -s 213.91.17.190 -i ppp0 -j ACCEPT
| |
| | => @57C;B0B0 15H5 AJI8O.
| |
| | :> =O:>9 <>65 40 <8 ?><>3=5, 1;03>[EMAIL PROTECTED] [EMAIL PROTECTED]@8B5;=>.
| |
| |
| |
| |
|
|
|>
============================================================================
|
| | A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
| | http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara
| Zagora
| | To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
| |
|
|
|>
============================================================================
|
| ">G=> 70 B>78 A;CG09 A ssh  <>65H 40 3> >[EMAIL PROTECTED] [EMAIL PROTECTED] 
hosts.allow 8
| hosts.deny 157 40 ?>;720H iptables
|
| --
| Georgi Ivanov
| Aii Data Processing
| System Administrator
| IT Department
|
|
| http://www.6lyokavitza.org/

|
============================================================================

A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara

| Zagora

To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html


|
============================================================================


|
============================================================================
| A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
| http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara
Zagora
| To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
|
============================================================================
Мисля че ако направиш нещо от сорта на:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A allowed -p TCP --syn -j ACCEPT
iptables -A allowed -p TCP -m state --state ESTABLISHED,RELATED -jACCEPT
iptables -A allowed -p TCP -j DROP
iptables -A INPUT -p TCP -s ип-то_от_което_искаш_се_вържеш -d ME --dport
22 -j allowed
~ Или да прихванеш MAC-a , ако ще е по MAC


и после изрично да разрешаваш примерно правиш си верига
iptables -N allow


- --
Georgi Ivanov
Aii Data Processing
System Administrator
IT Department


http://www.6lyokavitza.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBXZE70dEkp0mjhDsRAvokAJ4wxrbOf4BO40r2rwaJcvkkNO8KDwCfZr5q
8gDHntso/b17cGzrIycLOm8=
=c6yV
-----END PGP SIGNATURE-----
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================

Re: lug-bg: Re: lug-bg: =?windows-1251?Q?=CA=E0=EA_=E4=E0_=EE?= =?windows-1251?Q?=E3=F0=E0=ED=E8=F7=E0_=EF=EE_MAC_=E0=E4=F0=E5=F1_?= =?windows-1251?Q?=E8=EB=E8_=EF=EE_IP=3F?=

Reply via email to