I used an online tool to create an iptables firewall. Basically I just need ports 22 and 1194 open to the outside world. But I noticed this bash script has input, forward and output chains as accept by default. Is it blocking all traffic but those two ports? Thanks.
Hey guys,
I don't understand what's going on with my root server...
I have reset iptables and just opened the port for ssh.
Now suddenly, overnight, I see that there are various ports open:
21,80, 135, 139, 445, 3128
Could it be that vsftpd for example put rules in automatically to allow input on port 21?
I also tried disabling iptables with this command:
Code:
# iptables -X
# iptables
I'd like to allow mail through iptables with a DROP policy, but this script doesn't work. What is wrong here:
## Flush rules
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
## policy
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# localhost
iptables -A INPUT -i lo -j ACCEPT
# Allow my ip
iptables -A INPUT -s MY_IP -j ACCEPT
# 80 port
iptables -A I
I'm trying to set up iptables to block all traffic except ssh but, no matter what I do, it's blocking outgoing ssh. The commands that I'm using are shown below. Oddly, I can SSH into the box, just not out.
I'm setting marks with iptables like this
iptables -t mangle -A POSTROUTING -d 192.168.1.143 -j MARK --set-mark 10
If I want to clear, what I do is remove all with
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
instead of removing all the rules to clear thi
I am trying to configure iptables for Ubuntu 10.04 and I have a problem with iptables -L lagging on rows where the destination or source address is not localhost or anywhere.
I've set up iptables with the following script...
I am running a server which needs UDP ports 1000:11000 opened, as well as TCP 10011 and 30033 open to function.
I have a set of iptables rules set to allow SSH and those ports, and intentionally left out 2010 as I am getting attacked on that port. The server does not block the incoming IP even when told to do so.
I'm trying to open up port 8080 on my CentOS 5, Apache 2.2.3 server. When I go to ip:8080/mydirectory - it times out.