This post explains how to block every IP address except one from reaching your system over SSH, using the iptables firewall to block and allow addresses. These rules were tested on CentOS Linux and will work on other Linux distributions such as Red Hat, Fedora, etc.
Suppose your main server has the IP 192.168.1.10
and you want to allow access from 192.168.1.4 only.
Here are the rules:
Initial state [all accept]
root@test [~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@test [~]#
Now write the rules:
root@test [~]# iptables -I INPUT -p tcp -s 192.168.1.4 --dport 22 -j ACCEPT
root@test [~]# iptables -I OUTPUT -p tcp -d 192.168.1.4 --sport 22 -j ACCEPT
root@test [~]# iptables -P INPUT DROP
root@test [~]# iptables -P OUTPUT DROP
root@test [~]# iptables -P FORWARD DROP
root@test [~]# iptables -L
After:
root@cpaneltest [~]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.1.4 anywhere tcp dpt:ssh
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere 192.168.1.4 tcp spt:ssh
That's it. Now the server 192.168.1.10 is accessible over SSH only from 192.168.1.4.
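A check for the end state shown above, added here as an example and not part of the original post: it reads a listing in iptables -S format and confirms that the INPUT policy is DROP and that the only ACCEPT rule on INPUT is tcp/22 from the allowed address. The function names and the sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit `iptables -S` output
# against the single-source SSH policy. Names and samples are constructed.

# has LINE NEEDLE: succeed if NEEDLE occurs literally in LINE.
has() { case "$1" in *"$2"*) return 0 ;; *) return 1 ;; esac; }

# audit_ssh_allowlist ALLOWED_IP   (reads `iptables -S` text on stdin)
# Succeeds only if the INPUT policy is DROP, an INPUT rule accepts tcp/22
# from ALLOWED_IP/32, and no other INPUT rule has an ACCEPT target.
# Rules with a negated match ("!") are treated as unexpected.
# The body is a subshell "( )" so its variables do not leak to the caller.
audit_ssh_allowlist() (
    allowed="$1"; policy_ok=0; allow_ok=0; extra=0
    while IFS= read -r line; do
        case "$line" in
            "-P INPUT DROP") policy_ok=1 ;;
            "-A INPUT "*"-j ACCEPT"*)
                if has "$line" " -s $allowed/32 " && has "$line" " -p tcp " &&
                   has "$line" " --dport 22 " && ! has "$line" " ! "; then
                    allow_ok=1
                else
                    echo "unexpected ACCEPT: $line" >&2; extra=1
                fi ;;
        esac
    done
    [ "$policy_ok" -eq 1 ] || echo "INPUT policy is not DROP" >&2
    [ "$allow_ok" -eq 1 ] || echo "no ACCEPT for tcp/22 from $allowed" >&2
    [ "$policy_ok" -eq 1 ] && [ "$allow_ok" -eq 1 ] && [ "$extra" -eq 0 ]
)

# Constructed listings in `iptables -S` format (not captured from a host).
GOOD_RULES='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -s 192.168.1.4/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -d 192.168.1.4/32 -p tcp -m tcp --sport 22 -j ACCEPT'
# Same state plus a leftover rule that accepts SSH from any source.
BAD_RULES='-P INPUT DROP
-A INPUT -s 192.168.1.4/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

report() {
    if printf '%s\n' "$2" | audit_ssh_allowlist 192.168.1.4; then
        echo "$1: ok"
    else
        echo "$1: FAIL"
    fi
}
report "rule set from the post" "$GOOD_RULES"
report "with leftover rule" "$BAD_RULES"
```

On a live host, feed it the real listing as root with iptables -S | audit_ssh_allowlist 192.168.1.4. The audit covers the INPUT chain only.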