Hi there,
I got a funny situation when using iptables. Start with a clean sheet:
# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
I'm adding INPUT ACCEPTs for loopback, local interface, local
machines and the machine I'm connecting from:
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -i eth0 -s 192.168.1.0/24 -d 0.0.0.0/0 -j ACCEPT
# iptables -A INPUT -s x.com -d y.com -j ACCEPT
# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- 192.168.1.0/24 anywhere
ACCEPT all -- x.com y.com
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
And, I'm setting the INPUT policy to DROP:
# iptables -P INPUT DROP
Now if I try a
# iptables --list
the output comes one line at a time and with big delays.
Am I missing something?
Thank you,
Paul