[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables question

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Paul Cupis on Saturday 18 Mar 2006 17:18 wrote:

> Ritesh Raj Sarraf wrote:
>> Can someone shed some light on it ?
>> 
>> `iptables -A INPUT -d 192.168.1.1 -p tcp --dport ! 8080 -j DROP`
>> 
>> If I understand correctly the above rule says, "In the INPUT chain of
>> iptables, if the destination IP address is 192.168.1.1 and the protocol
>> is tcp and the destination port is 8080, then drop those packets".
> 
> The "!" inverts the logic of --dport.
> 
> So this is "...and the destination port IS NOT 8080..."


Sorry, that was my mistake. A typo.
So the original statement, corrected, goes:

"In the INPUT chain of iptables, if the destination IP address is
192.168.1.1 and the protocol is tcp and the destination port is NOT 8080,
then drop those packets".

So, theoretically when I connect to 192.168.1.1 on port 8080 it should
connect. Right ?
But it doesn't. :-(

Any Ideas ?

Thanks,
Ritesh
- -- 
Ritesh Raj Sarraf
RESEARCHUT -- http://www.researchut.com
"Necessity is the mother of invention."
"Stealing logic from one person is plagiarism, stealing from many is
research."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEG/+S4Rhi6gTxMLwRAuInAKCULqIndYXnzG+bj6xP6gkzJxbdzgCeMwk4
J7wEDsIJFN3vDNcdvBg8WW0=
=0FRz
-----END PGP SIGNATURE-----
Reply to: