Limit private IP access only


Is it possible to forbid outgoing public IP addresses and access private IPs only?

10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255

I know there is a way to drop an IP via iptables:

iptables -I OUTPUT -s 11.0.0.0 -j DROP
... etc

Is there a convenient way to block all of them?










  • Just so I understand, you want your machine to ONLY be able to access the private IP ranges and not be able to access ANY public IPs?

    – Colin Wu
    1 hour ago


















linux networking iptables






asked 1 hour ago









Coda Chang













1 Answer
# Accept the three private ranges and loopback, then drop all other outgoing traffic.
iptables -A OUTPUT -d 10.0.0.0/8 -j ACCEPT
iptables -A OUTPUT -d 172.16.0.0/12 -j ACCEPT
iptables -A OUTPUT -d 192.168.0.0/16 -j ACCEPT
iptables -A OUTPUT -d 127.0.0.0/8 -j ACCEPT
iptables -A OUTPUT -j DROP





answered 1 hour ago
user1133275
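Added example, not part of the original question or answer: in an egress allowlist like this one, the prefix length decides how much address space each ACCEPT rule opens, and a prefix that is too short quietly admits public addresses. The Python check below parses the `-d` prefixes of OUTPUT ACCEPT rules and reports any that reach beyond loopback and the three private ranges listed in the question. The function names and both sample rule sets are constructed for illustration.

```python
import ipaddress
import shlex

# Destinations the question wants reachable: loopback plus the three private ranges.
ALLOWED = [ipaddress.ip_network(n) for n in
           ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def accepted_destinations(rules):
    """Yield (line, network) for every OUTPUT rule that ACCEPTs a -d prefix."""
    for line in rules.splitlines():
        tok = shlex.split(line, comments=True)
        if not tok or tok[0] != "iptables" or "OUTPUT" not in tok:
            continue
        if "-j" not in tok or tok[tok.index("-j") + 1] != "ACCEPT":
            continue
        if "-d" in tok:
            # strict=False mirrors iptables, which masks off host bits silently
            net = ipaddress.ip_network(tok[tok.index("-d") + 1], strict=False)
            yield line.strip(), net


def audit(rules):
    """Return (line, effective_range) for ACCEPT rules that leak public space."""
    findings = []
    for line, net in accepted_destinations(rules):
        if not any(net.subnet_of(a) for a in ALLOWED):
            findings.append((line, f"{net[0]}-{net[-1]}"))
    return findings


# Constructed sample rule sets (not taken from a real host).
TOO_WIDE = """
iptables -A OUTPUT -d 10.0.0.0/4 -j ACCEPT
iptables -A OUTPUT -d 172.0.0.0/4 -j ACCEPT
iptables -A OUTPUT -j DROP
"""
TIGHT = """
iptables -A OUTPUT -d 127.0.0.0/8 -j ACCEPT
iptables -A OUTPUT -d 10.0.0.0/8 -j ACCEPT
iptables -A OUTPUT -d 172.16.0.0/12 -j ACCEPT
iptables -A OUTPUT -d 192.168.0.0/16 -j ACCEPT
iptables -A OUTPUT -j DROP
"""

if __name__ == "__main__":
    for line, span in audit(TOO_WIDE):
        print(f"over-broad: {line}  (covers {span})")
    print("tight set findings:", audit(TIGHT))
```

Running the same check over the output of `iptables -S OUTPUT` before relying on the final DROP rule shows the effective range of every accepted prefix.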





























