{"id":305,"date":"2016-03-14T22:34:33","date_gmt":"2016-03-14T21:34:33","guid":{"rendered":"http:\/\/www.sarbyn.com\/tech\/?p=305"},"modified":"2016-03-14T22:34:33","modified_gmt":"2016-03-14T21:34:33","slug":"allow-ssh-trafic-from-local-net-and-from-a-specific-ip","status":"publish","type":"post","link":"https:\/\/www.sarbyn.com\/blog\/2016\/03\/14\/allow-ssh-trafic-from-local-net-and-from-a-specific-ip\/","title":{"rendered":"Allow SSH trafic from local net and from a specific IP"},"content":{"rendered":"

I need to connect to my raspiNAS server<\/a> from the local network and from a specific IP (my office IP address) but I don’t want to let it open to the world. So the steps are:
\nConfigure a NAT rule in order to enable TCP port fowarding
\nLet’s play with iptables<\/p>\n

\r\n# iptables -A INPUT -s OFFICE_IP\/32 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT\r\n# iptables -A INPUT -s 192.168.1.0\/24 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT\r\n# iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j DROP\r\n<\/pre>\n
Setup iptables at boot:<\/p>\n
\r\nsudo bash -c 'iptables-save > \/etc\/network\/iptables'\r\nsudo nano \/etc\/network\/interfaces\r\n<\/pre>\n
At the bottom add <\/p>\n
\r\npre-up iptables-restore < \/etc\/network\/iptables\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
I need to connect to my raspiNAS server from the local network and from a specific IP (my office IP address) but I don’t want to let it open to the world. So the steps are: Configure a NAT rule in order to enable TCP port fowarding Let’s play with iptables # iptables -A INPUT … →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[43],"tags":[79,80,78],"class_list":["post-305","post","type-post","status-publish","format-standard","hentry","category-diy-2","tag-iptables","tag-network","tag-raspinas"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p3JApm-4V","jetpack_likes_enabled":true,"jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/posts\/305"}],"collection":[{"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/comments?post=305"}],"version-history":[{"count":2,"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/posts\/305\/revisions"}],"predecessor-version":[{"id":308,"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/posts\/305\/revisions\/308"}],"wp:attachment":[{"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/media?parent=305"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/categories?post=305"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sarbyn.com\/blog\/wp-json\/wp\/v2\/tags?post=305"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}