Linux Iptables allow LDAP server incoming client request

LDAP (Lightweight Directory Access Protocol) powerful enterprise class directory service by default listen on UDP port 389 for queries. Following iptable rules allows incoming client request (open port UDP port 389) for server IP address 202.54.1.20 :
iptables -A INPUT -p udp -s 0/0 –sport 1024:65535 -d 202.54.1.20 –dport 389 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p udp -s 202.54.1.20 –sport 389 -d 0/0 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

Restrict access to LDAP database server from your network is essential, following iptables allows incoming LDAP client request from IP address 202.54.1.0/24 network only:
iptables -A INPUT -p udp -s 202.54.1.0/24 –sport 1024:65535 -d 202.54.1.20 –dport 389 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p udp -s 202.54.1.20 –sport 389 -d 202.54.1.0/24 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT


🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 0 comments... add one


CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum