Hi all,
Can somebody explain to me why, when I changed my Chain INPUT rules
from ACCEPT to DROP, I cannot browse the internet despite opening port
80 in the INPUT rule?
However, when Chain INPUT is changed to ACCEPT, browsing the internet
works fine. (Note: Chain OUTPUT is ACCEPT for ALL.)
The configuration of my iptables is as follows:
Chain INPUT (policy DROP)
target                 prot opt source     destination
RH-Lokkit-0-50-INPUT   all  --  anywhere   anywhere
ACCEPT                 tcp  --  anywhere   anywhere      tcp spt:http
ACCEPT                 udp  --  anywhere   anywhere      udp spt:http
Note that my OUTPUT rules are as follows:
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
I have two network cards installed on my PC, which is running Red Hat 9.0.
The static routes are as follows:
xx.yy.zz.aa   0.0.0.0       255.255.255.0   U    0   0   0   eth0
xx.0.0.0      0.0.0.0       255.0.0.0       U    0   0   0   eth1
127.0.0.0     0.0.0.0       255.0.0.0       U    0   0   0   lo
0.0.0.0       zz.zz.zz.zz   0.0.0.0         UG   0   0   0   eth0
0.0.0.0       zz.zz.zz.zz   0.0.0.0         UG   0   0   0   eth1
where zz.zz.zz.zz is my gateway to the internet.
eth0 - Interface with local address
eth1 - Interface with Internet address.
By the way, is there a way to save static routes? When I reboot
my PC, all routes are lost.
Thanks for any help.
guy