Hi
This is my iptables configuration (only allow chronyd for NTP):
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp --dport 53 -m owner --uid-owner chrony -j ACCEPT
-A OUTPUT -p udp --dport 53 -m owner --uid-owner chrony -j ACCEPT
-A OUTPUT -p
I'd like to allow mail through iptables and DROP policy but this script doesn't work what it is wrong here:
## FLUSH de reglas
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
## policy
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# localhost
iptables -A INPUT -i lo -j ACCEPT
# Allow my ip
iptables -A INPUT -s MY_IP -j ACCEPT
# 80 port
iptables -A I
How to allow outgoing trafic only for http and ssh?
i've tried:
iptables -A OUTPUT -p tcp --dport ssh -j ACCEPT
iptables -A OUTPUT -p tcp --dport http -j ACCEPT
but as soon as i add
iptables -A OUTPUT -j DROP
nothing works, it blocks everything.
I hear that it's a bad idea to edit iptables by hand.
I want to open 443.
Quote:
iptables -A INPUT -p tcp -m tcp --sport 443 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
BUT***
I'm trying to open up port 8080 on my CentOS 5, Apache 2.2.3 server. When I go to ip:8080/mydirectory - it times out.
I'm trying to open up port 8080 on my CentOS 5, Apache 2.2.3 server. When I go to ip:8080/mydirectory - it times out.
Hi
I'm having some problems with my VPS running Ubuntu Server 11.04 x64.
I have sendmail installed on Ubuntu 10.04 solely for the use of the php mail() function.
so i am trying to allow ssh access to a certain range of ips (from 192.168.1.1 to 192.168.1.24) and block all the rest but since i am new to iptables i can't seem to figure, i have :
iptables -A INPUT -s 192.168.1.0/24 -p udp --dport ssh -j ACCEPT
iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport ssh -j ACCEPT
iptables -A INPUT -p tcp --dport ssh -j REJECT
iptables -A INPUT -p udp --dport ssh -
Email this page
