Re: iptables usage

To: debian-user@lists.debian.org
Subject: Re: iptables usage
From: Michael Pobega <pobega@gmail.com>
Date: Wed, 07 Feb 2007 07:16:31 -0500
Message-id: <[🔎] 45C9C31F.3080108@gmail.com>
In-reply-to: <[🔎] 45C984F7.2000807@yahoo.co.uk>
References: <[🔎] 20070205184214.GS29281@localhost.localdomain> <[🔎] 45C7807B.5050101@gmail.com> <[🔎] 20070205201502.GD10633@localhost.localdomain> <[🔎] 45C79298.8020804@gmail.com> <[🔎] 20070205210201.GF10633@localhost.localdomain> <[🔎] 20070205232007.GA16347@topoi.pooq.com> <[🔎] 20070206001541.GH10633@localhost.localdomain> <[🔎] 20070206115237.62881c9e@think.homenet> <[🔎] 20070206164203.GC27099@localhost.localdomain> <[🔎] 20070206203313.2d5c2aac@think.homenet> <[🔎] 20070206184025.GB6341@localhost.localdomain> <[🔎] 45C94103.2060202@gmail.com> <[🔎] 45C984F7.2000807@yahoo.co.uk>

franck wrote:
> Michael Pobega wrote:
>> [...]
> Hi,
>
> What about the OUTPUT chain ? Have you set up more rules ? By default,
> iptables policy is to ACCEPT all paquets.
>
> Have a look at :
>
> iptables -L -v to see your rules.
>
> An iptables tutorial can be found here :
>
> http://iptables-tutorial.frozentux.net/iptables-tutorial.html
>
Thanks for the link, but as far as I know it should work. Those are the
only two rules I'm using, and it *is *working because after I run
iptables -A INPUT -j REJECT all of my connections drop. But since I
opened port 80 before that, shouldn't I still be able to use HTTP?


Andrei Popescu wrote:

> I'm no expert in iptables, but AFAIK the order of the rules *does*
> matter. If I understand what you are writing (as much as one can
> understand iptables syntax) you are telling it to ACCEPT traffic on
> port 80 and then you tell it to REJECT any traffic.

Exactly. First I opened port 80, and second I closed everything. Which
in the end should cause everything but port 80 to be closed. At least
this is my understanding. I've tried the other way around, but it still
didn't work for me.

> P.S. You should start a new thread for new problems, you might get more
> answers that way
I thought this /was/ a new thread? :-P

Reply to:

Follow-Ups:
- Re: iptables usage
  - From: SiegeM <siegem@gmail.com>
- Re: iptables usage
  - From: Andrei Popescu <andreimpopescu@gmail.com>

References:
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Michael Pobega <pobega@gmail.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Michael Pobega <pobega@gmail.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: hendrik@topoi.pooq.com
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Attracting newbies (Was Booting Debian/testing fails)
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- iptables usage
  - From: Michael Pobega <pobega@gmail.com>
- Re: iptables usage
  - From: franck <joncourt_franck@yahoo.co.uk>

Prev by Date: Re: Detection of Hardware and Devices
Next by Date: mirror-server
Previous by thread: Re: iptables usage
Next by thread: Re: iptables usage
Index(es):
- Date
- Thread