[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] iptables wildcard for IP Addresses?
> I want to enable several (ten) hosts to access my VPN. I am using SuSEfirewall
> and I have custom iptables rules in SuSEfirewall2-custom.
> Now i want to add one rule for all these hosts. I know that "!" is the
> wildcard for "any host but the following".
> How can I add an iptables rule affecting Source IPs from e.g. 220.127.116.11 to
> I've been looking, but i didn't ind something.
You might try the "iprange" packet matching module (-m iprange); it's not
domcumented in the man page, but "iptables -m iprange --help" prints the
following (at the end):
iprange match v1.2.9 options:
[!] --src-range ip-ip Match source IP in the specified range
[!] --dst-range ip-ip Match destination IP in the specified range
So you should be able to use something like:
iptables -A INPUT -m iprange --src-range 18.104.22.168-22.214.171.124 -j ACCEPT
This is present in SuSE 9.1, but apparently not in earlier versions.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here