IPTables is running on my web server. I really need SSH dynamic port forwarding, but my IPTables rules DROP any INPUT/OUTPUT connection and only allow some ports.
For the FORWARD chain, I wrote these rules:
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcpflags:!
I used an online tool to create an iptables firewall. Basically I just need ports 22 and 1194 open to the outside world. But I noticed this bash script has the INPUT, FORWARD and OUTPUT chains set to ACCEPT by default. Is it blocking all traffic but those two ports? Thanks.
I have the following iptables rules:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- localhost.localdomain anywher
I want to bind IPs to non-root users so that all outgoing applications will use that IP for the user.
I'm trying to find out why changing my default iptables policy is affecting what nmap sees when it scans my host.
Consider the following iptables setup:
iptables -F
iptables -A INPUT -p tcp -s 10.1.0.0/20 --dport 22 -j ACCEPT
iptables -P INPUT ACCEPT
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j AC
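The post above asks why the default policy changes what nmap reports. The script below is an added example, not code from the poster: it replays the three ACCEPT rules of that setup through iptables' first-match semantics, with the chain policy applied only when no rule matched, and maps the verdict onto nmap's open/closed/filtered wording. The packet attributes (interface eth0, source addresses 10.1.5.9 and 192.0.2.1, a NEW or ESTABLISHED conntrack state) are constructed for the example. One point it relies on: `iptables -P` sets a chain attribute, not a rule, so where it sits relative to the `-A` lines in the script is irrelevant to the result.

```shell
#!/bin/sh
# Added example (not from the original post): evaluate an INPUT chain with
# iptables' first-match semantics plus a chain policy, then translate the
# verdict into what an nmap SYN scan would report.
# Rule format (one per line): iface proto dport src state target, "-" = any.
# The rule set mirrors the poster's three ACCEPT rules; the policy is passed
# separately because "iptables -P" is a chain attribute, not a rule.

RULES_QUESTION='
- tcp 22 10.1.0.0/20 - ACCEPT
lo - - - - ACCEPT
- - - - ESTABLISHED ACCEPT
'

# Dotted quad -> integer (assumes a well-formed IPv4 address). Runs in a
# subshell so the IFS change cannot leak.
ip4_to_int() (
  IFS=.; set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# cidr_match IP NET/BITS -> success if IP is inside the prefix.
cidr_match() {
  net=${2%/*}; bits=${2#*/}
  [ "$bits" = "$2" ] && bits=32           # bare host address, no "/"
  mask=$(( bits == 0 ? 0 : (4294967295 << (32 - bits)) & 4294967295 ))
  [ $(( $(ip4_to_int "$1") & mask )) -eq $(( $(ip4_to_int "$net") & mask )) ]
}

# rule_matches R_IF R_PROTO R_PORT R_SRC R_STATE  P_IF P_PROTO P_PORT P_SRC P_STATE
rule_matches() {
  [ "$1" = - ] || [ "$1" = "$6" ]      || return 1
  [ "$2" = - ] || [ "$2" = "$7" ]      || return 1
  [ "$3" = - ] || [ "$3" = "$8" ]      || return 1
  [ "$4" = - ] || cidr_match "$9" "$4" || return 1
  [ "$5" = - ] || [ "$5" = "${10}" ]   || return 1
}

# verdict POLICY RULES IFACE PROTO DPORT SRC STATE -> target of the first
# matching rule, or POLICY when nothing matched (what the kernel does).
verdict() {
  policy=$1; rules=$2; shift 2
  hit=$(printf '%s\n' "$rules" | while read -r r_if r_proto r_port r_src r_state r_target; do
      [ -n "$r_target" ] || continue
      rule_matches "$r_if" "$r_proto" "$r_port" "$r_src" "$r_state" "$@" || continue
      echo "$r_target"; break
  done)
  echo "${hit:-$policy}"
}

# scan_result POLICY RULES LISTENING(0|1) PORT SRC -> nmap wording for a SYN
# probe: ACCEPT lets the SYN reach the TCP stack, which answers SYN/ACK (open)
# or RST (closed); DROP gives no answer at all, which nmap calls "filtered".
scan_result() {
  case $(verdict "$1" "$2" eth0 tcp "$4" "$5" NEW) in
    ACCEPT) if [ "$3" = 1 ]; then echo open; else echo closed; fi ;;
    *)      echo filtered ;;
  esac
}

# Same rules, both policies: only the ports nothing ACCEPTs change wording.
for policy in ACCEPT DROP; do
  printf 'policy %-6s  22/tcp from 10.1.5.9: %s   80/tcp from 192.0.2.1: %s\n' \
    "$policy" "$(scan_result "$policy" "$RULES_QUESTION" 1 22 10.1.5.9)" \
    "$(scan_result "$policy" "$RULES_QUESTION" 0 80 192.0.2.1)"
done
```

With the policy at ACCEPT, an unlisted port with no listener comes back as "closed" because the kernel answers the SYN with a RST; with the policy at DROP the same port is "filtered" because the probe is silently discarded. The ACCEPT rules themselves are the same in both runs, so the only thing nmap is showing you is the policy.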
Gcool wrote: Plain old iptables will do just fine.
Hey guys,
I don't understand what's going on with my root server...
I have reset iptables and just opened the port for ssh.
Now suddenly, overnight, I see that various ports are open:
21, 80, 135, 139, 445, 3128
Could it be that vsftpd, for example, automatically put in rules to allow input on port 21?
I also tried disabling iptables with this command:
Code:
# iptables -X
# iptables
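The post above suspects that a service such as vsftpd inserted its own iptables rules. A port that nmap reports as open is a socket something is listening on, and `iptables -X` only deletes empty user-defined chains while `-F` only flushes rules; neither stops a daemon. The script below is an added example, not the poster's code: it reads `ss -ltnp` style output, lists every listener with its process, and flags those reachable from outside that are not on an allow-list. The `ss` output embedded in it is constructed for the example, not captured from the poster's server.

```shell
#!/bin/sh
# Added example (not from the original post): separate ports that are open
# because a daemon is listening from ports the firewall is expected to block.
# SS_SAMPLE is constructed ss(8) output, in the layout of "ss -ltnp".

SS_SAMPLE='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      32     0.0.0.0:21          0.0.0.0:*         users:(("vsftpd",pid=1410,fd=3))
LISTEN 0      128    0.0.0.0:80          0.0.0.0:*         users:(("httpd",pid=1522,fd=4))
LISTEN 0      128    0.0.0.0:3128        0.0.0.0:*         users:(("squid",pid=1601,fd=11))
LISTEN 0      128    127.0.0.1:25        0.0.0.0:*         users:(("master",pid=901,fd=13))
LISTEN 0      128    [::]:22             [::]:*            users:(("sshd",pid=812,fd=4))'

# listeners "<ss -ltnp output>" -> one "port process bind-address" line per
# listening socket. The port is the text after the last ":" so that
# "[::]:22" and "0.0.0.0:22" are both handled.
listeners() {
  printf '%s\n' "$1" | awk 'NR > 1 && $1 == "LISTEN" {
    n = split($4, a, ":"); port = a[n]
    addr = substr($4, 1, length($4) - length(port) - 1)
    proc = "?"
    if (match($0, /\("[^"]+"/)) proc = substr($0, RSTART + 2, RLENGTH - 3)
    print port, proc, addr
  }'
}

# unexpected_listeners "<ss output>" "<allowed ports>" -> listeners bound to
# a non-loopback address whose port is not in the space-separated allow-list.
# Every line printed is a daemon to stop (or a port to keep firewalled); none
# of them is an iptables rule that appeared by itself.
unexpected_listeners() {
  listeners "$1" | while read -r port proc addr; do
    case " $2 " in *" $port "*) continue ;; esac
    case $addr in 127.*|\[::1\]) continue ;; esac
    echo "$port $proc"
  done
}

# On a live box:  unexpected_listeners "$(ss -ltnp)" "22"
unexpected_listeners "$SS_SAMPLE" "22"   # -> 21 vsftpd / 80 httpd / 3128 squid
```

The loopback-bound SMTP listener is deliberately left out of the report: it is reachable only locally, so it never shows up in an external scan. On the live host, compare the flagged list with `iptables -S INPUT`; if the policy is ACCEPT and no rule mentions a flagged port, the firewall was never blocking it and the fix is to stop the service or add the DROP.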
I have these iptables rules.
I currently have openvpn installed on CentOS 6 64-bit and everything is working fine, but I want to port-forward a client "user" so they can use that port.