
Re: [Linux-cluster] exact iptables command to stop a source from accessing a Linux cluster



 
I can't even start up iptables as the previous admin hardened it
(but not sure how / where he hardened it)
 
So despite that I do
service iptables start,
"service iptables status" still shows "Firewall is stopped"
 
Now, can I use /etc/hosts.deny instead ?
Do I need to do "pkill -HUP tcpd"   or
"service xinetd restart"   - which of the two
commands should I execute & what's the syntax
in /etc/hosts.deny ?
 
Thanks

On Fri, Sep 18, 2009 at 11:38 AM, Ian Hayes <cthulhucalling gmail com> wrote:
[root cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             anywhere
2    DROP       all  --  10.5.5.6             anywhere
3    DROP       all  --  10.5.5.7             anywhere

Find the rule number that matches the one you want to delete. Say you want to delete #2 from the INPUT table

[root cthulhu ~]# iptables -D INPUT 2
[root cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             anywhere
2    DROP       all  --  10.5.5.7             anywhere


Or you can do iptables -F which will basically drop all your iptables. Make sure you've saved recently before you do that.


On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <sunhux gmail com> wrote:
Thanks Ian.
 
So I issue this command on both cluster nodes and it will also
stop access to the virtual cluster address?
 
What's the command to reverse / remove
" iptables -A INPUT -s 10.5.5.25 -j DROP " ?
Just in case there's a problem, I'll need to reverse.
 
Tks
U
On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes <cthulhucalling gmail com> wrote:
iptables -A INPUT -s 10.5.5.25 -j DROP

On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux gmail com> wrote:
 
Hi,
 
I have a RHEL 5.1  cluster that's constantly being accessed by an
application from a Windows server application via sqlnet (ie Tcp
port 1521) which caused a specific Oracle accounts to be locked.
 
The owner of the Windows box does not know why the Filenet
application is doing this so while she's doing the research which
configuration in Filenet needs to be fixed to stop this, we need an
interim measure to block this Windows server's access to the cluster.
 
Thus I would like to set up iptables / firewall on this Linux box to
stop the sqlnet access.  Can someone provide me some example
commands / syntax ?
 
Source IP address : 10.5.5.25   (Windows server)
Tcp port : 1521
My Linux boxes IP address :  10.5.5.46 / .47
My Linux cluster virtual addr : 10.5.5.45
 
In fact I would like to block on all ports on the Linux cluster to stop
this Windows server from accessing it.  So what are the exact commands
I should issue on each of the Linux boxes?  Would iptables also block
the Windows server from accessing the cluster virtual IP addr?
 
 
Thanks
U
 

 

--
Linux-cluster mailing list
Linux-cluster redhat com
https://www.redhat.com/mailman/listinfo/linux-cluster
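
Added example, not part of the original thread: the listings in the reply above show that deleting rule 2 renumbers the old rule 3 to 2, so removing several rules by number has to work from the highest number down. The helper name, the sample listing and the second 10.5.5.25 rule are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Deleting by rule number is position
# dependent: after `iptables -D INPUT 2` the old rule 3 becomes rule 2.
# This helper reads a listing produced by
#   iptables -L INPUT -n --line-numbers
# on stdin and prints the delete commands for every DROP rule whose source is
# the given address, highest rule number first, so an earlier deletion never
# shifts a rule that is still to be removed. It only prints; it changes nothing.

delete_cmds_for_source() {
    src="$1"
    chain="${2:-INPUT}"
    awk -v src="$src" -v chain="$chain" '
        # Rule lines have the columns: num target prot opt source destination
        $1 ~ /^[0-9]+$/ && $2 == "DROP" && $5 == src { nums[++n] = $1 }
        END {
            # Emit in descending order of rule number
            for (i = n; i >= 1; i--)
                printf "iptables -D %s %s\n", chain, nums[i]
        }
    '
}

# Constructed sample listing (numeric output, as with -n); not captured
# from a real host.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             0.0.0.0/0
2    DROP       all  --  10.5.5.25            0.0.0.0/0
3    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
4    DROP       all  --  10.5.5.25            0.0.0.0/0
EOF
}

# Prints the commands for the sample; review them before running any.
sample_listing | delete_cmds_for_source 10.5.5.25
```

Deleting by rule specification, `iptables -D INPUT -s 10.5.5.25 -j DROP`, removes the first matching rule without needing its number, and is the direct reverse of the `-A` command quoted in the thread.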

