Re: iptables question

To: debian-isp@lists.debian.org
Subject: Re: iptables question
From: Paul Cupis <paul@cupis.co.uk>
Date: Sat, 18 Mar 2006 12:57:49 +0000
Message-id: <[🔎] 441C03CD.9050308@cupis.co.uk>
In-reply-to: <[🔎] dvgv36$iuu$1@sea.gmane.org>
References: <[🔎] dvgrli$adp$1@sea.gmane.org> <[🔎] 441BF37A.8020201@cupis.co.uk> <[🔎] dvgv36$iuu$1@sea.gmane.org>

Ritesh Raj Sarraf wrote:
> Paul Cupis on Saturday 18 Mar 2006 17:18 wrote:
>>>Ritesh Raj Sarraf wrote:
>>>>Can someone shed some light on it ?
>>>>
>>>>`iptables -A INPUT -d 192.168.1.1 -p tcp --dport ! 8080 -j DROP`
>>>>
>>>>If I understand correctly the above rule says, "In the INPUT chain of
>>>>iptables, if the destination IP address is 192.168.1.1 and the protocol
>>>>is tcp and the destination port is 8080, then drop those packets".
>>>
>>>The "!" inverts the logic of --dport.
>>>
>>>So this is "...and the destination port IS NOT 8080..."
> 
> Sorry, that was my mistake. A typo.
> So the original statement, corrected, goes:
> 
> "In the INPUT chain of iptables, if the destination IP address is
> 192.168.1.1 and the protocol is tcp and the destination port is NOT 8080,
> then drop those packets".
> 
> So, theoretically when I connect to 192.168.1.1 on port 8080 it should
> connect. Right ?
> But it doesn't. :-(

What other iptables rules do you have?

What do you get if you add:

iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG

Reply to:

Follow-Ups:
- Re: iptables question
  - From: Ritesh Raj Sarraf <rrs@researchut.com>

References:
- iptables question
  - From: Ritesh Raj Sarraf <rrs@researchut.com>
- Re: iptables question
  - From: Paul Cupis <paul@cupis.co.uk>
- Re: iptables question
  - From: Ritesh Raj Sarraf <rrs@researchut.com>

Prev by Date: Re: iptables question
Next by Date: RE: Re: iptables question
Previous by thread: Re: iptables question
Next by thread: Re: iptables question
Index(es):
- Date
- Thread