Linux Iptables allow LDAP server incoming client request

last updated in Categories News

LDAP (Lightweight Directory Access Protocol) powerful enterprise class directory service by default listen on UDP port 389 for queries. Following iptable rules allows incoming client request (open port UDP port 389) for server IP address :
iptables -A INPUT -p udp -s 0/0 –sport 1024:65535 -d –dport 389 -m state –state NEW,ESTABLISHED -j ACCEPT


iptables -A OUTPUT -p udp -s –sport 389 -d 0/0 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

Restrict access to LDAP database server from your network is essential, following iptables allows incoming LDAP client request from IP address network only:
iptables -A INPUT -p udp -s –sport 1024:65535 -d –dport 389 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p udp -s –sport 389 -d –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.


Leave a Comment