Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ipset create db_allow hash:ip counters timeout 3600
- # pass connections from allowed addresses in db_allow ipset
- iptables -A INPUT -p tcp --dport 3306 -m match-set --set db_allow src -j ACCEPT
- # block connections from other addresses
- iptables -A INPUT -p tcp --dport 3306 -j DROP
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement