Linux Iptables allow LDAPS server incoming client request

Secure LDAP (LDAP over SSL) incoming client request service by default listen on TCP port 636 for queries. Following iptable rules allows incoming client request (open port TCP port 636) for server IP address 202.54.1.20 :
iptables -A INPUT -p tcp -s 0/0 –sport 1024:65535 -d 202.54.1.20 –dport 636 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p tcp -s 202.54.1.20 –sport 636 -d 0/0 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

Restrict access to LDAPS database server from your network is essential, following iptables allows incoming LDAPS client request from IP address 202.54.1.0/24 network only:
iptables -A INPUT -p tcp -s 202.54.1.0/24 –sport 1024:65535 -d 202.54.1.20 –dport 636 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p tcp -s 202.54.1.20 –sport 636 -d 202.54.1.0/24 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT


🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 1 comment so far... add one


CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
1 comment… add one
  • Anonymous Aug 4, 2005 @ 18:47

    gr8 was looking for stateful rule

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum