0

Hi All,

I need help with iptables to allow a specific IP to access a destination (FaceBook)

The following rule blocks facebook access to everyone in the company(this rule works successfully):

 iptables -A FORWARD -p all -d $ip -j REJECT

(The ip address is read from a text file.)

Now I want to allow one person access to FB.

I tried the following but its not working:

iptables -A FORWARD -p all -s 10.0.0.x  -d $ip -j ACCEPT

Please help & advise me.

2
Contributors
2
Replies
13
Views
4 Years
Discussion Span
Last Post by CoolAtt
1

Add 1 after FORWARD, that will put the rule in the first place of the chain, otherwise the firewall applies the first matching rule.

The number given after the chain name indicates the position before an existing Rule. So, for example, if you want to insert a Rule before the third rule you specify the number 3. Afterward, the existing Rule will then be in the fourth position in the chain.

More information: https://fedoraproject.org/wiki/How_to_edit_iptables_rules

1

Thanks a lot cereal

The -A must be replaced with -I else i get syntax error.

the correct working syntax is:

iptables -I FORWARD 1 -p all -s 10.0.0.x  -d $ip -j ACCEPT`

Edited by CoolAtt

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.