On Wed, 2003-08-13 at 22:49, Glenn Hancock wrote:
> I have my rules set up the way I would guess they should be based on 5
> tutorials, 1 book and the man pages. However, I still can't seem to
> get the thing to do what I want. Could someone please help me?
>
> I will make this very simple:

Is this for a local machine?

> 1) I want to allow all incoming requests to port 80

# Allow new connections to port 80
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT

> 2) I want to allow all outgoing requests .... period.

# Allow outgoing connections
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
# Allow all packets belonging to established connections to come back
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT

> I want to drop all other incoming requests not addressed to port 80.

iptables -P INPUT DROP
iptables -P OUTPUT DROP

Cheers,

Ralf
--
Ralf Spenneberg
RHCE, RHCX

Book: Intrusion Detection für Linux Server   http://www.spenneberg.com
IPsec-Howto                                  http://www.ipsec-howto.org
Honeynet Project Mirror:                     http://honeynet.spenneberg.org
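
Added example, not part of the original message: a small Python model of how the three rules and two DROP policies posted above decide a packet (first matching rule wins, otherwise the chain policy applies). The `Packet` type, the sample packets, and the conntrack state given to each are constructed assumptions; interfaces and addresses are not modelled.

```python
# Added example: first-match evaluation of the three rules and two policies
# from the message above. Packet and SAMPLES are constructed for illustration.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    chain: str                  # "INPUT" or "OUTPUT"
    proto: str                  # "tcp", "udp" or "icmp"
    state: str                  # state conntrack assigned to the packet
    dport: Optional[int] = None

# (chain, proto or None, dport or None, matching states, target), in -A order
RULES = [
    ("INPUT", "tcp", 80, {"NEW"}, "ACCEPT"),
    ("OUTPUT", None, None, {"NEW", "ESTABLISHED", "RELATED"}, "ACCEPT"),
    ("INPUT", None, None, {"ESTABLISHED"}, "ACCEPT"),
]
POLICY = {"INPUT": "DROP", "OUTPUT": "DROP"}   # iptables -P

def verdict(pkt: Packet) -> str:
    """Target of the first rule matching pkt, else the chain's policy."""
    for chain, proto, dport, states, target in RULES:
        if chain != pkt.chain or pkt.state not in states:
            continue
        if proto is not None and proto != pkt.proto:
            continue
        if dport is not None and dport != pkt.dport:
            continue
        return target
    return POLICY[pkt.chain]

SAMPLES = {
    "inbound HTTP, first packet": Packet("INPUT", "tcp", "NEW", 80),
    "inbound HTTP, later packet": Packet("INPUT", "tcp", "ESTABLISHED", 80),
    "HTTP response going out": Packet("OUTPUT", "tcp", "ESTABLISHED", 40000),
    "inbound SSH, first packet": Packet("INPUT", "tcp", "NEW", 22),
    "outbound DNS query": Packet("OUTPUT", "udp", "NEW", 53),
    "DNS reply coming back": Packet("INPUT", "udp", "ESTABLISHED", 40001),
    "inbound ICMP error for an outbound flow": Packet("INPUT", "icmp", "RELATED"),
    "outbound packet conntrack marks INVALID": Packet("OUTPUT", "tcp", "INVALID", 443),
}

def evaluate_samples() -> dict:
    return {name: verdict(pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, result in evaluate_samples().items():
        print(f"{result:6} {name}")
```

The RELATED sample falls through to the INPUT policy because the INPUT state rule lists only ESTABLISHED, while the OUTPUT rule also lists RELATED.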