Iptables bang position

linux iptables

I am trying to set up this rule :

 iptables -A INPUT -i eth1 -p tcp -s ! 10.111.11.0/24 --dport ssh --syn -m state --state NEW -j ACCEPT

but it doesnt work. When i change place of !

 iptables -A INPUT -i eth1 -p tcp ! -s 10.111.11.0/24 --dport ssh --syn -m state --state NEW -j ACCEPT

its ok but i am not sure is it working correctly. In every tut on net "!" is between -s and ip not in front of it.


Your second example is correct.

The first example is an old and deprecated way of writing such rules; current versions of iptables will print a warning, or refuse the rule entirely, if you use it.

Old tutorials on the Internet, of course, have old information.

Related

How can I determine what hosting provider hosts a site?
Webserver in docker container is not reachable via the internet
Host a Debian repository on a Windows Web/Ftp server
DRBD / Heartbeat on Virtual Machines
iDRAC 7 Enterprise does not work properly
PowerShell 7.0 / 7.1 and .NET runtimes
Structuring an OU to properly model an Organizational Hierarchy
Is there a way to suppress "x rows affected" in SQLCMD from the command line?
Python: See if one set contains another entirely?
Unix - copy contents of one directory to another [closed]
Install php-zip on php 5.6 on Ubuntu [duplicate]
Promise Retry Design Patterns