All WTI devices use Linux based iptables to manipulate the networking capabilities of the units.
You can use iptables to
- Allow/Block specific addresses or ranges access to a WTI device
- Allow/Block specific or ranges for port access
- Route port numbers to alternate port numbers
- Any operation Linux iptables can perform
The WTI IP Tables configuration is system wide, so you can target individual Ethernet/Cellular ports or control ranges of IP addresses.
Sample Commands:
Below is a sample to allow only one IP address via the SSH port.
Login to the WTI device.
Issue the following commands
/n
5. (IP Tables)
Then enter the commands below on each line
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -s 98.174.158.2 -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP
*Please note that if WebTerm is enabled you will need to add the following entries:
iptables -A INPUT -p tcp --dport 6107 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 6107 -j ACCEPT
iptables -A INPUT -p tcp --sport 6107 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 6107 -j ACCEPT
iptables -A INPUT -j DROP