Hi people,

I'm new to the list. Anyway, I have a very simple firewall on a web server. I want to deny access to everything except the web server (port 80). I have set the policy on all chains to drop and I have added a rule to the input chain which says:

    iptables -A INPUT -p tcp --sport 80 -j ACCEPT

I've done it like this because the web server has 2 interfaces (eth0 and eth1) which I would like to have access to the server (eth0 is local, 10.3.2.0/24, and eth1 is external). I also made a rule for output:

    iptables -A OUTPUT -p tcp -j ACCEPT

The problem is that nothing can get to the web server... the packets are being dropped. I checked the counters and none of the rules counted any packets or bytes, so the packets are being dropped before the rules. What am I doing wrong, or what is a better way to do this?

Thanks heaps for your help.
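An added example, not part of the original post: client requests to a web server arrive with destination port 80, so the INPUT rule below matches `--dport` where the posted rule matches `--sport`, and the OUTPUT rule is narrowed to replies from port 80. The conntrack state matches, the loopback rules and the `print`/`check`/`apply` arguments are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): default-drop filter table for a
# host that only serves HTTP. The rules are emitted in iptables-restore format
# so the whole table is swapped in atomically instead of rule by rule.

WEB_PORT=80   # the port named in the post

build_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Loopback traffic for local services (assumption: wanted on this host)
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Requests arrive with DESTINATION port $WEB_PORT. No -i match is given, so
# the rule covers both eth0 and eth1.
-A INPUT -p tcp --dport $WEB_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Replies leave with SOURCE port $WEB_PORT, and only on tracked connections.
-A OUTPUT -p tcp --sport $WEB_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# print: show the ruleset; check: parse it without loading (root needed);
# apply: load it (root needed). With no argument the script does nothing.
case "${1:-}" in
    print) build_rules ;;
    check) build_rules | iptables-restore --test ;;
    apply) build_rules | iptables-restore ;;
esac
```

After loading, `iptables -L -n -v` shows the per-rule packet counters, which should increase on the `--dport` rule when a client connects. This ruleset also drops ICMP, including the fragmentation-needed messages used for path MTU discovery.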