Configuring IP Tables

07-28-2004, 03:46 AM

Hi all,

I would like to configure iptables to drop all SSH connections. I have
the following rules set up:

root@lastochka max # iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp
spt:ssh
DROP udp -- anywhere anywhere udp
spt:ssh

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

However, launching an SSH program on another computer and attempting
to connect lets me through.

Can someone tell me what I'm doing wrong?
Thanks in advance,
Max

07-28-2004, 06:22 AM

On 27 Jul 2004 20:46:58 -0700
(E-Mail Removed) (Max) wrote:

> Hi all,
>
> I would like to configure iptables to drop all SSH connections. I have
> the following rules set up:
>
> root@lastochka max # iptables -L
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> DROP tcp -- anywhere anywhere tcp
> spt:ssh
> DROP udp -- anywhere anywhere udp
> spt:ssh
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> However, launching an SSH program on another computer and attempting
> to connect lets me through.
>
> Can someone tell me what I'm doing wrong?
> Thanks in advance,
> Max
you have to change --sport 22 to --dport 22

then it will work

Greets
Chris

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
IP tables help	CCW	Linux Networking	0	05-17-2008 11:59 AM
Access to the NAT tables	Alvaro	Linux Networking	2	12-05-2005 04:10 PM
NAT tables chains	lekkie.aydot@gmail.com	Linux Networking	5	07-29-2005 07:21 PM
IP Tables - PPTP/GRE + NAT	Andrew Townsend	Linux Networking	1	06-12-2004 09:23 AM
Routing tables and configuring gw	john	Linux Networking	4	02-22-2004 10:03 AM