Suppose you have a network like the following:
Eth0 = 192.168.0.244 (or public IP), gateway 192.168.0.254
Eth1 = 10.0.0.1
Client PCs on the 10.X network should be able to access SSH, but clients on the 192.168.0.X network should not. To set this up, do the following:
First check /etc/services and look for port 22.
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-port 3128
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 22 -j REDIRECT --to-port 3128
All packets that arrive on eth0 for port 22 are redirected to the Squid application running on the same server on port 3128, and you need to configure the Squid server to block port 22.
Similarly, you can block various other ports.
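The two rules above, generalized as an added example (not part of the original post): a script that looks a service up in an /etc/services-format file and prints the matching REDIRECT rules without applying them. The function names, the SERVICES_FILE variable and the sample service list are constructed for this example.

```shell
#!/bin/sh
# Added example: prints REDIRECT rules, never applies them.
# ports_for, redirect_rules, sample_services and SERVICES_FILE are names made up here.
SERVICES_FILE=${SERVICES_FILE:-/etc/services}

# Constructed sample in /etc/services format, for trying the functions offline.
sample_services() {
    cat <<'EOF'
# name   port/proto  aliases
ssh      22/tcp                  # SSH Remote Login Protocol
ssh      22/udp
domain   53/tcp
domain   53/udp
http     80/tcp      www
EOF
}

# ports_for NAME: print "port proto" for every entry whose name or alias is NAME.
ports_for() {
    awk -v svc="$1" '
        { sub(/#.*/, "") }                       # strip trailing comments
        NF < 2 { next }                          # blank or malformed line
        {
            hit = ($1 == svc)
            for (i = 3; i <= NF; i++) if ($i == svc) hit = 1
            if (hit && split($2, pp, "/") == 2) print pp[1], pp[2]
        }' "$SERVICES_FILE"
}

# redirect_rules IFACE SERVICE TO_PORT: one rule per tcp/udp entry of SERVICE.
redirect_rules() {
    iface=$1 svc=$2 to=$3
    case $to in ''|*[!0-9]*) echo "bad redirect port: $to" >&2; return 2 ;; esac
    found=$(ports_for "$svc")
    [ -n "$found" ] || { echo "no such service: $svc" >&2; return 1; }
    printf '%s\n' "$found" | while read -r port proto; do
        case $proto in
            tcp|udp) echo "iptables -t nat -A PREROUTING -i $iface -p $proto" \
                          "--dport $port -j REDIRECT --to-port $to" ;;
        esac
    done
}

# Usage: sh redirect-rules.sh eth0 ssh 3128
if [ "$#" -eq 3 ]; then redirect_rules "$@"; fi
```

Review the printed rules before running them as root; an unknown service name or a non-numeric redirect port produces an error instead of a rule.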