What is the difference between these 2 iptables rules?
Trying to allow incoming ssh traffic on port 22. Default behavior is to
DROP all incoming traffic.
I came across 2 articles on how to allow traffic. However, they are
different.
## open port ssh tcp port 22 ##
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
Vs
# Allow all incoming SSH
iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
It appears that the 1st one allows all traffic and then specifies a
specific network. Seems like those are mutually exclusive?
What are the differences between these 2 and which one should I use?
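An added example, not part of the original post: a small Python model of first-match rule evaluation, applied to the INPUT rules quoted in the question under a DROP policy. The packet fields, the `sample_packet` helper and the `state` label (standing in for what connection tracking reports) are simplifying assumptions, and the sample addresses are constructed.

```python
import ipaddress

# Match fields copied from the commands in the question.
# None means "not specified", which iptables treats as "match anything".
SET_1 = [
    {"dport": 22, "states": {"NEW"}, "src": None, "iface": None},
    {"dport": 22, "states": {"NEW"}, "src": "192.168.1.0/24", "iface": None},
]
SET_2_INPUT = [
    {"dport": 22, "states": {"NEW", "ESTABLISHED"}, "src": None, "iface": "eth0"},
]

def matches(rule, pkt):
    """True when every field the rule specifies agrees with the packet."""
    if pkt["proto"] != "tcp" or pkt["dport"] != rule["dport"]:
        return False
    if pkt["state"] not in rule["states"]:
        return False
    if rule["iface"] and pkt["iface"] != rule["iface"]:
        return False
    if rule["src"]:
        net = ipaddress.ip_network(rule["src"])
        if ipaddress.ip_address(pkt["src"]) not in net:
            return False
    return True

def verdict(rules, pkt, policy="DROP"):
    """First matching ACCEPT rule decides; otherwise the chain policy applies.
    Returns (verdict, 1-based index of the deciding rule or None)."""
    for i, rule in enumerate(rules, start=1):
        if matches(rule, pkt):
            return "ACCEPT", i
    return policy, None

def sample_packet(src, state, iface="eth0", dport=22):
    # Constructed packet; 'state' is the conntrack state assumed for it.
    return {"proto": "tcp", "src": src, "state": state,
            "iface": iface, "dport": dport}

if __name__ == "__main__":
    samples = [sample_packet("192.168.1.10", "NEW"),
               sample_packet("203.0.113.7", "NEW"),
               sample_packet("203.0.113.7", "ESTABLISHED"),
               sample_packet("203.0.113.7", "NEW", iface="eth1")]
    for p in samples:
        print(p["src"], p["state"], p["iface"],
              "set1:", verdict(SET_1, p), "set2:", verdict(SET_2_INPUT, p))
```

In this model the second rule of the first set never decides a packet, because the first rule already accepts NEW connections to port 22 from every source. The first set also accepts only NEW packets, so under a DROP policy it depends on a separate ESTABLISHED rule elsewhere in the chain, while the second set carries that state itself and is limited to eth0.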