iptables - How to allow all connections to the local lan?
What's the simplest way to express "allow all connections to the local lan" for iptables output?
Including connections to 192.*, 172.*, 10.*, etc.
Can all of this be compressed within a single rule?
iptables
asked Mar 8 '16 at 18:29
adrelanos
Does using the comma-separated list of (for example) 'iptables -t filter -A INPUT -s 192.168.0.0/16,10.0.0.0/8,172.16.0.0/16 -j ACCEPT' not work?
– HidekiAI
Jun 24 '17 at 13:34
1 Answer
Using ipset

    ipset create locallan hash:net
    ipset add locallan 192.168.0.0/16
    # The RFC 1918 private block is 172.16.0.0/12 (172.16.0.0 - 172.31.255.255)
    ipset add locallan 172.16.0.0/12
    ipset add locallan 10.0.0.0/8
    iptables -I INPUT -m set --match-set locallan src -j ACCEPT

Would allow connections from those ranges to the server with that rule.
answered Mar 8 '16 at 22:10
llua
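The question asks about output traffic, so the matching single rule sits in the OUTPUT chain and matches the set on destination. The script below is an added example, not part of the original answer: it prints the `ipset restore` input and that OUTPUT rule, and dry-runs which addresses the set would match. It assumes "local lan" means the three RFC 1918 private blocks; the function and variable names are made up here.

```shell
# Added example. LAN_SET and LAN_NETS are names chosen here; the networks are
# the RFC 1918 private blocks (an assumption about what "local lan" means).
LAN_SET=locallan
LAN_NETS="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"

# Convert a dotted-quad IPv4 address to a 32-bit integer; fail on bad input.
ip2int() (
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        # Reject leading zeros (the shell reads them as octal) and octets > 255.
        case $o in 0?*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Succeed if address $1 lies inside CIDR block $2.
in_cidr() (
    net=${2%/*}; bits=${2#*/}
    a=$(ip2int "$1") && n=$(ip2int "$net") || exit 1
    mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
    [ $(( $a & $mask )) -eq $(( $n & $mask )) ]
)

# Succeed if $1 is in any network of LAN_NETS, i.e. what the set would match.
lan_match() {
    for net in $LAN_NETS; do
        in_cidr "$1" "$net" && return 0
    done
    return 1
}

# Print input for `ipset restore -exist` that builds the set in one load.
gen_ipset() {
    echo "create $LAN_SET hash:net"
    for net in $LAN_NETS; do echo "add $LAN_SET $net"; done
}

# Print the single OUTPUT rule accepting traffic to any member of the set.
gen_rule() {
    echo "iptables -A OUTPUT -m set --match-set $LAN_SET dst -j ACCEPT"
}

gen_ipset; gen_rule
for ip in 192.168.1.10 172.20.1.5 172.32.0.1 8.8.8.8; do   # constructed samples
    lan_match "$ip" && echo "$ip: ACCEPT" || echo "$ip: falls through"
done
```

To apply it, pipe the output of `gen_ipset` into `ipset restore -exist` and run the printed rule as root.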