Re: iptables: always allow port 80

To: debian-isp@lists.debian.org
Subject: Re: iptables: always allow port 80
From: Mariusz Kruk <kruk@epsilon.eu.org>
Date: Wed, 29 Jul 2009 13:03:49 +0200
Message-id: <[🔎] 1248865429.18640.5.camel@poznojuz>
In-reply-to: <[🔎] 87tz0v3gnw.fsf@kassiopeya.MSHEIMNETZ>
References: <[🔎] 87tz0v3gnw.fsf@kassiopeya.MSHEIMNETZ>

On Wed, 2009-07-29 at 12:52 +0200, Sebastian Rose wrote:
> Questions for iptables specialists:
> 
> 
> 1.) iptables -I DENYCC 4 -m tcp --dport 80 -j ACCEPT
> 
>    Is a rule like this acceptable?

Are you sure you didn't want '-p tcp' instead of '-m tcp'?

>    Should I use --limit?

If you want.

> 2.) Which MAC address does the server see?
>     Will it always be the MAC address of my customers machine? 

It seems you've got _a lot_ to read.
How do you want to see MAC of the host on the completely different
segment of the network? (add to this that the host might be connected
via 'MAC-less' type of network).

-- 
\------------------------/ I  am Bugs Bunny of Borg. What's up, Collec-
|  Kruk@epsilon.eu.org   | tive?
| http://epsilon.eu.org/ | 
/------------------------\

Reply to:

Follow-Ups:
- Re: iptables: always allow port 80
  - From: Sebastian Rose <sebastian_rose@gmx.de>

References:
- iptables: always allow port 80
  - From: Sebastian Rose <sebastian_rose@gmx.de>

Prev by Date: iptables: always allow port 80
Next by Date: Re: iptables: always allow port 80
Previous by thread: iptables: always allow port 80
Next by thread: Re: iptables: always allow port 80
Index(es):
- Date
- Thread