Dave Nebinger wrote:
What is the best way to configure iptables in a way, so that spefic
hosts may connect to distccd ?
The following command should do it if you substitute the () with your
local
values.
iptables -I INPUT -i (network interface) -p tcp -s (src ip addr) --dport
3632 -j ACCEPT
Hmm, iptables -L now returns
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 192.168.0.250 anywhere tcp dpt:distcc
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT udp -- anywhere anywhere udp
dpt:bootps reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp
dpt:domain reject-with icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:distcc
DROP tcp -- anywhere anywhere tcp dpts:0:1023
DROP udp -- anywhere anywhere udp dpts:0:1023
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere 192.168.0.0/16
ACCEPT all -- 192.168.0.0/16 anywhere
ACCEPT all -- anywhere 192.168.0.0/16
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
but distcc doesn't work ...
--
gentoo-user@gentoo.org mailing list
