How do I allow only certain IPSet set's to access a certain port with iptables?

networking linux firewall iptables ipsec

Solution 1:

Reverse the presumption: allow through those that you want, then deny the rest:

iptables -A INPUT -m set --match-set uk.zone src -p tcp --dport 15765 -j ACCEPT
iptables -A INPUT -m set --match-set th.zone src -p tcp --dport 15765 -j ACCEPT
iptables -A INPUT                                -p tcp --dport 15765 -j DROP

(and similarly for port 16247, or try getting clever with -m multiport). Note that the order is important: the exceptions (ACCEPTs) need to come before the rule (DROP).

Related

Zabbix icmp pinger processes more than 75% busy
kernel warning in logs: set_rtc_mmss can't update from 0 to 58
Remove local headers on debian wheezy for outgoing mail
Removing GPO - comprehensive list of 'tattooed and non tattooed' registry settings
How does one restore default case to a variable in VBA (Excel 2010)?
Calling SQL Defined function in C#
Twig iterate over object properties
Angular UI-Router more Optional Parameters in one State
How to parse $QUERY_STRING from a bash CGI script?
How to use super() with one argument?
Ingress keys - if I put a key in a capsule can I get another
What unlocks/perks persist to the next game