Iptables: how to block all incoming connections from outside the lan

by Ciccio Pasticcio   Last Updated July 11, 2019 20:00 PM

I have a small server (connected to internet through a vdsl router), with some services that have to work only for the lan.

I don't trust very much the router, so i have to protect the server and client via iptables/windows firewall.

On the server i have set iptables for allowing only connection for my services, but i would to reject ALL the incoming connections from internet, and allow lan connections.

i have tried to add this line to iptables: $IPTABLES -A INPUT -t filter ! -s 192.168.0.0/16 -j REJECT but it blocks even the ping, the http, the ftp connection on internet. If i remove that line, all the connections are ok.

Someone can tell me the correct sintax?

Thank you in advance.

Tags : iptables


Related Questions


Updated March 27, 2015 10:00 AM

Updated May 16, 2015 21:00 PM

Updated August 22, 2015 20:00 PM

Updated September 12, 2015 04:00 AM

Updated April 14, 2015 02:29 AM