Allow specific IP addresses on specific port
To allow only specific IP addresses to connect to a specific port, use the following iptables
commands:
iptables -I INPUT -p tcp -s 0.0.0.0/0 --dport 3306 -j DROP
iptables -I INPUT -p tcp -s 192.168.1.100 --dport 3306 -j ACCEPT
Where:
tcp
is the protocol (may also beudp
)192.168.1.100
is the IP address (change it to the one you want to allow)3306
is the port number (change it as well)
The first command blocks all communiation for this port. The second command then adds an exception for a specific IP address. The second command can be repeated for any IP address that should be allowed.
Leave a comment