ElasticSearch restrict access using IP tables
First, you need to set which IP's that can reach the computer
iptables -I INPUT 1 -p tcp --dport 9200:9400 -s IP_ADRRESS_1,IP_ADRRESS_2,IP_ADRRESS_3 -j ACCEPT
Then, you need to restrict any ip except specified ones can reach your ports.
iptables -I INPUT 4 -p tcp --dport 9200:9400 -j REJECT
Finally save your settings to a file.
sudo sh -c "iptables-save > /etc/iptables.rules"
If you want these changes persists on reboots, execute sudo vi /etc/network/interfaces
and add following pre-up iptables-restore < /etc/iptables.rules
Few things to remember:
- You can add more ips to first command.
- If you add extra ips you should set the value(4) in the second command. It is the rule order, so it must be latest rule. Thus add 1 for each ip you add.