Linux Iptables allow LDAP server incoming client request

LDAP (Lightweight Directory Access Protocol) powerful enterprise class directory service by default listen on UDP port 389 for queries. Following iptable rules allows incoming client request (open port UDP port 389) for server IP address 202.54.1.20 :
iptables -A INPUT -p udp -s 0/0 –sport 1024:65535 -d 202.54.1.20 –dport 389 -m state –state NEW,ESTABLISHED -j ACCEPT

Advertisement

iptables -A OUTPUT -p udp -s 202.54.1.20 –sport 389 -d 0/0 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

Restrict access to LDAP database server from your network is essential, following iptables allows incoming LDAP client request from IP address 202.54.1.0/24 network only:
iptables -A INPUT -p udp -s 202.54.1.0/24 –sport 1024:65535 -d 202.54.1.20 –dport 389 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p udp -s 202.54.1.20 –sport 389 -d 202.54.1.0/24 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

🥺 Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! 🤠
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

0 comments… add one

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.