Here is my rule set:
#default input policy
/sbin/iptables -P INPUT DROP
#allow www/https(ssl)
/sbin/iptables -A INPUT -s 0/0 -d 172.16.5.92 -p tcp --dport https -j ACCEPT
#allow ssh
/sbin/iptables -A INPUT -s 0/0 -d 172.16.5.92 -p tcp --dport ssh -j ACCEPT
#allow smtp
/sbin/iptables -A INPUT -s 0/0 -d 172.16.5.92 -p tcp --dport smtp -j ACCEPT
#create a new rule for drop # log
#/sbin/iptables -N drop-and-log-it
#log it
#/sbin/iptables -A drop-and-log-it -j LOG --log-level info --log-prefix 'DROPIT'
#drop it
#/sbin/iptables -A drop-and-log-it -j DROP
#now call the rule to drop and log
/sbin/iptables -A INPUT -j drop-and-log-it
-----------
Thanks
ijg0
----- Original Message -----
Sent: Tuesday, March 11, 2003 1:11 AM
Subject: RE: iptables and apt-get
Shouldn't do, unless you changed the output rules?
Please provide your ruleset.
Thing
Hi Guys,
I am setting up iptables on my Debian woody box. I have decided to close
everything and then open up just ssh and ssl. This obviously prevents my
apt-get update from working. What ports do I need to open for this to work?
If it helps, I am going through a proxy to get to the internet.
Thanks
ijg0
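
An added example, not part of the thread and not the poster's script: the posted rule set with the two rules a default-DROP INPUT chain needs before outbound clients such as apt-get can receive answers, namely loopback and replies to connections the host itself opened. The IPT override and the rule_position helper are assumptions added here so the rule order can be reviewed as a dry run.

```shell
#!/bin/sh
# Added example (not the poster's script): posted rules plus return-traffic handling.
# IPT is overridable so the order can be reviewed without root: IPT=echo sh fw.sh apply
IPT="${IPT:-/sbin/iptables}"
HOST="172.16.5.92"          # destination address taken from the posted rule set

apply_rules() {
    # Default-deny for inbound packets, as in the original.
    $IPT -P INPUT DROP

    # Local processes talking over 127.0.0.1 also traverse INPUT.
    $IPT -A INPUT -i lo -j ACCEPT

    # Replies to connections this host opened (apt-get to the proxy, DNS) arrive
    # on INPUT addressed to an ephemeral port, so no --dport rule matches them.
    # "-m state" suits a 2.4-era kernel; "-m conntrack --ctstate" is the newer form.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Inbound services from the original rule set.
    for svc in https ssh smtp; do
        $IPT -A INPUT -d "$HOST" -p tcp --dport "$svc" -j ACCEPT
    done

    # The chain must exist before INPUT can jump to it.
    $IPT -N drop-and-log-it
    $IPT -A drop-and-log-it -j LOG --log-level info --log-prefix 'DROPIT'
    $IPT -A drop-and-log-it -j DROP
    $IPT -A INPUT -j drop-and-log-it
}

# Print the 1-based position of the first dry-run line containing $1 (empty if absent).
rule_position() {
    IPT=echo apply_rules | grep -n -- "$1" | head -n 1 | cut -d: -f1
}

if [ "${1:-}" = "apply" ]; then
    apply_rules
fi
```

The state rule sits ahead of the service rules and the final jump, so reply packets are accepted before anything reaches drop-and-log-it.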