Hi All,

I need help with iptables to allow a specific IP to access a destination (FaceBook)

The following rule blocks facebook access to everyone in the company(this rule works successfully):

 iptables -A FORWARD -p all -d $ip -j REJECT

(The ip address is read from a text file.)

Now I want to allow one person access to FB.

I tried the following but its not working:

iptables -A FORWARD -p all -s 10.0.0.x  -d $ip -j ACCEPT

Please help & advise me.

Recommended Answers

All 2 Replies

Add 1 after FORWARD, that will put the rule in the first place of the chain, otherwise the firewall applies the first matching rule.

The number given after the chain name indicates the position before an existing Rule. So, for example, if you want to insert a Rule before the third rule you specify the number 3. Afterward, the existing Rule will then be in the fourth position in the chain.

More information: https://fedoraproject.org/wiki/How_to_edit_iptables_rules

Thanks a lot cereal

The -A must be replaced with -I else i get syntax error.

the correct working syntax is:

iptables -I FORWARD 1 -p all -s 10.0.0.x  -d $ip -j ACCEPT`
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.