IPTables - Blocking ports on eth0:x Network Interfaces
5,920
This is acheived by using the -i option when adding rules to the INPUT chain.
Here's an example for what you requested (assuming you default drop on your INPUT chain):
iptables -I INPUT 1 -p tcp -i eth0:1 --dport 22 -j ACCEPT
iptables -I INPUT 1 -p tcp -i eth0:1 --dport 25 -j ACCEPT
Related videos on Youtube
03 : 24
22-How to Block Ports Using Iptables Firewall Task - 1 Demo
06 : 32
Understanding Linux Network Interfaces
31 : 02
iptables Complete Guide | HackerSploit Linux Security
13 : 21
023 Basic networking ifconfig, ifup, ifdown, etc network interfaces
01 : 26
DevOps & SysAdmins: IPTables - Blocking ports on eth0:x Network Interfaces
Author by
Kayla
Updated on September 18, 2022Comments
-
Kayla over 1 year
I'm wondering, is it possible to block certain ports on different interfaces such as
eth0:0eth0:1...For instance, if I want to block on
eth0:0ports22and25and leave those open oneth0:1I'm open to any suggestions!Thanks guys!
-
Kayla almost 13 yearsI thought
eth0:0will be treated just likeeth0:1...if both areeth0. I'm wondering, does iptables support aliases? Note thateth0eth0:0andeth0:1have different IPs assigned. -
Kyle Smith almost 13 yearsFrom a brief google, it looks like subinterfaces aren't supported by iptables. I'm awfully surprised by this and I wonder if it's been updated. I don't have a test system handy to give it a shot. At any rate, you could use -d <interface ip> instead to filter by "destination IP address".
