Sonny To on 23 Aug 2007 04:52:32 -0000 |
I have ip masq setup on my router and everything worked fine until I tried to block ports. I added the following rules:

    iptables -A INPUT -j ACCEPT -p tcp --destination-port 22 -i ppp0
    iptables -A INPUT -j ACCEPT -p tcp --destination-port 80 -i ppp0
    iptables -A INPUT -j DROP -p tcp -i ppp0

This rule is saying, drop everything coming in from ppp0 except on port 22 & 80. Computers on the LAN can connect out but the firewall cannot connect out. It seems traffic going out on ppp0 interface is being matched by the 2nd rule. Anyone know how to overcome this? Many thanks for any advice!

Here is the result of iptables -L:

    [root@obi rc.d]# iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
    DROP       tcp  --  anywhere             anywhere

    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     0    --  anywhere             anywhere
    LOG        0    --  anywhere             anywhere            LOG level warning

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
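The symptom in the post (LAN hosts fine, the firewall itself cannot connect out) is what happens when the catch-all DROP on the external interface also catches the reply packets of connections the router opened itself. The script below is an added example, not part of the original message or a reply to it: it emits the INPUT rules in the order they must be loaded, with a stateful ACCEPT for RELATED,ESTABLISHED traffic placed before the DROP, and refuses to apply them if that order is wrong. The external interface name ppp0 and the open ports 22 and 80 are taken from the post; everything else is assumed.

```shell
#!/bin/sh
# Added example: INPUT rules for a NAT router's external interface.
# Assumption: the external interface is ppp0 (override with EXT_IF=...).
EXT_IF="${EXT_IF:-ppp0}"

# Print the rules in load order. The stateful ACCEPT must come before the
# catch-all DROP, otherwise replies to the firewall's own outbound TCP
# connections arrive on ppp0 and are dropped by the last rule.
input_rules() {
    cat <<EOF
iptables -A INPUT -i $EXT_IF -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i $EXT_IF -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i $EXT_IF -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i $EXT_IF -p tcp -j DROP
EOF
}

# Ordering check: returns 0 only if the first RELATED,ESTABLISHED rule
# appears on an earlier line than the first DROP rule.
rules_ordered() {
    input_rules | awk '
        /RELATED,ESTABLISHED/ && !s { s = NR }
        /-j DROP/            && !d { d = NR }
        END { exit !(s && d && s < d) }'
}

# Usage: ./rules.sh          prints the rules for review
#        ./rules.sh --apply  loads them (needs root and iptables)
if [ "${1:-}" = "--apply" ]; then
    rules_ordered || { echo "refusing to apply: DROP precedes stateful ACCEPT" >&2; exit 1; }
    input_rules | sh -e
else
    input_rules
fi
```

The DROP still applies only to TCP, as in the post; new inbound TCP to any port other than 22 and 80 is dropped, while replies to the router's own connections are accepted by the first rule.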