Thanks Guillaume. I will be testkng this in a few days.
Guillaume Morin responded:
On 11 Aug 13:10, Terry Spaulding wrote:
> -A ssh -s 172.xx.xxx.xxx -d 10.x.x.xx -p tcp -m tcp --dport 22
> -j ACCEPT
>
> Can I code
Terry,
On 11 Aug 13:10, Terry Spaulding wrote:
> -A ssh -s 172.xx.xxx.xxx -d 10.x.x.xx -p tcp -m tcp --dport 22
> -j ACCEPT
>
> Can I code a subnet value for the -s instead of the specific static
> IP address of the workstation ??
Sure, you can. Just add a /mask, e.g
-A ssh -s 172.
I have a group of Linux admins on a subnet exclusive to their group. This
subnet is setup as dhcp so their are no static ip addresses per
workstation. Is it possible to define the policy for a subnet permitting
use of a specific port ?
Static example as follows:
-A ssh -s 172.xx.xxx.xxx -d 10