Linux Iptables allow LDAPS server incoming client request
Secure LDAP (LDAP over SSL) incoming client request service by default listen on TCP port 636 for queries. Following iptable rules allows incoming client request (open port TCP port 636) for server IP address 202.54.1.20 :
iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 636 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 636 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
Restrict access to LDAPS database server from your network is essential, following iptables allows incoming LDAPS client request from IP address 202.54.1.0/24 network only:
iptables -A INPUT -p tcp -s 202.54.1.0/24 --sport 1024:65535 -d 202.54.1.20 --dport 636 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 636 -d 202.54.1.0/24 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
E-mail this to a Friend
Printable Version
Linux Powered Asus EEE Laptop PC From $299
You may also be interested in other helpful articles:
- Linux Iptables allow LDAPS outgoing client request via firewall
- Linux Iptables allow WEBCACHING incoming client request
- Linux Iptables allow LDAP server incoming client request
- Linux Iptables allow SOCKS incoming client request
- Linux Iptables allow SQUID proxy incoming client request
Discussion on This Article:
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
gr8 was looking for stateful rule