2 network interface in server and access only from one interface

[ds(ds)]

There are 2 network interfaces (eth0-lan eth1-internet)
I want to give access SSH only through eth0.
have any questions
1. best done through iptables or there are other better solutions?

2. if cut, ssh (port 22) on eth1, lost access to the vm (via ssh) are connected through vmbr1? (need to change port ssh from 22 to 23 for example?)

 

[coffe]

i have solved hat with a shorewall install on server.. and stop traffic to local , will work if clients have external ips.

 

[udo]

There are 2 network interfaces (eth0-lan eth1-internet)
I want to give access SSH only through eth0.
have any questions
1. best done through iptables or there are other better solutions?

2. if cut, ssh (port 22) on eth1, lost access to the vm (via ssh) are connected through vmbr1? (need to change port ssh from 22 to 23 for example?)

Hi,
why not easy: told sshd to listen only on eth0!
in /etc/ssh/sshd_config

ListenAddress=127.0.0.1
ListenAddress=ip.of.et.h0

Udo

 

[ds(ds)]

2 udo
its really best solution

and another question: how to disable the web interface from the outside? (hosts.deny ???)