Allow a range of IP's with IPTABLES from a file

iptables

I would like to allow only certain ip ranges (CIDR) and block everything else, however, I have those IPs that I want to allow on a text file. How could I load them up from the allow.file to IPTABLES interface eth0?


Solution 1:

Off the top of my head:

while read range; do
    iptables -A INPUT -i eth0 -s $range -j ACCEPT
done < allow.file

Addendum: A comment in chat asked whether using -I INPUT might be better than -A INPUT -- that is, inserting the rule at the beginning of the chain rather than at the end of the chain. This is, really, a local issue -- I've seen firewall rulesets where inserting would break things, and rulesets where appending would break things. You've got to make that choice for yourself and your situation. If you don't know which, then you shouldn't be writing iptables rules by hand, and should be using a management program like shorewall or ufw.

Related

Setting the timezone in MySQL on every connection using Zend PHP
transfer vm machine created in virtualbox to vmware player [closed]
How do you shut Dr. Watson reporting off on Windows Server 2008?
CentOS, Debian or Fedora for an Ubuntu User? [closed]
Purging AD Principal from cache
Migrating from Gmail to Google Apps
Analyse IIS Log Files
Can I choose the lane on which bots go when playing a LoL custom game?
Why does Imperius hate the Nephalem?
Is it possible to emulate an Xbox 360 or PS3?
How do the special abilities of each character translate to game play?
Is there something I can do with the rings/amulets I'm not using?