Firewall/iptables question

To: Debian Users <debian-user@lists.debian.org>
Subject: Firewall/iptables question
From: Hilco Wijbenga <hilco.wijbenga@gmail.com>
Date: Tue, 3 May 2011 16:21:04 -0700
Message-id: <[🔎] BANLkTi=9iR+SE-w2Fd_mJq4R-PDGVgoh_A@mail.gmail.com>

Hi all,

I'm attempting to set up a simple firewall on a virtual server. I have
the following:

iptables --flush
iptables -t nat --flush
iptables -t mangle --flush
iptables --policy INPUT DROP
iptables --policy OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i venet0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -i venet0 --dport 22 -m state --state NEW -j ACCEPT
iptables -A INPUT -p tcp -i venet0 --source m.y.i.p --dport 80 -m
state --state NEW -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -j LOG
iptables -A INPUT -j REJECT

(And iptables -L shows that this setup has been accepted.)

This was supposed to only allow my box (or at least my public IP)
access to port 80 on this server. I can not access port 80 at all,
however. (Please note that without --source it works as expected.)

What am I doing wrong?

On a related note, the logging only logs the packet, but no timestamp.
Is that configurable somewhere?

Cheers,
Hilco

Reply to:

Follow-Ups:
- Re: Firewall/iptables question
  - From: Hilco Wijbenga <hilco.wijbenga@gmail.com>
- Re: Firewall/iptables question
  - From: green <greenfreedom10@gmail.com>

Prev by Date: Re: Poll - What Smartphone do you use?
Next by Date: I have installed Debian on my Thinkpad but mouse Cursor is not displayed.
Previous by thread: Re: xmodmap settings are forgotten/lost during session
Next by thread: Re: Firewall/iptables question
Index(es):
- Date
- Thread