On Mon, 2003-10-13 at 14:09, Gilles Yue wrote:
> Chain INPUT (policy DROP)
>
> target prot opt source destination
>
> RH-Lokkit-0-50-INPUT all -- 0.0.0.0/0 0.0.0.0/0
>
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80

When establishing a connection with a webserver, the packets in the INPUT chain are coming from the webserver port 80, therefore spt:80, not dpt:80.

The same goes for the rest, with the exception of DNS. Here you did it correctly:

> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53

By the way, you get more info on the rules using iptables -vnL

Cheers,

Ralf

-- 
Ralf Spenneberg
RHCE, RHCX

Book: Intrusion Detection für Linux Server http://www.spenneberg.com
IPsec-Howto http://www.ipsec-howto.org
Honeynet Project Mirror: http://honeynet.spenneberg.org
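The point made in the reply above, as an added example that is not part of the original message: a small Python evaluator that reads rule rows in `iptables -nL` format and returns the INPUT verdict for a packet. The addresses, ephemeral ports and the "corrected" chain are constructed sample data, and the RH-Lokkit chain, whose contents are not shown in the thread, is assumed to return without a verdict.

```python
import ipaddress
import re
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

def parse_rule(row):
    """Parse one rule row of `iptables -nL` output (single-port matches only)."""
    target, prot, _opt, source, dest, *extra = row.split()
    ports = dict(re.findall(r"\b(spt|dpt):(\d+)", " ".join(extra)))
    return {"target": target, "prot": prot,
            "src": ipaddress.ip_network(source), "dst": ipaddress.ip_network(dest),
            "spt": int(ports["spt"]) if "spt" in ports else None,
            "dpt": int(ports["dpt"]) if "dpt" in ports else None}

def verdict(rows, pkt, policy="DROP"):
    """First matching terminal rule wins; otherwise the chain policy applies."""
    for rule in map(parse_rule, rows):
        if rule["target"] not in ("ACCEPT", "DROP", "REJECT"):
            continue  # assumption: user-defined chain returns without a verdict
        if rule["prot"] not in ("all", pkt.proto):
            continue
        if ipaddress.ip_address(pkt.src) not in rule["src"]:
            continue
        if ipaddress.ip_address(pkt.dst) not in rule["dst"]:
            continue
        if rule["spt"] not in (None, pkt.sport) or rule["dpt"] not in (None, pkt.dport):
            continue
        return rule["target"]
    return policy

# Rows as quoted in the thread, then the same chain with the suggested fix.
AS_POSTED = ["RH-Lokkit-0-50-INPUT all -- 0.0.0.0/0 0.0.0.0/0",
             "ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80",
             "ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53"]
CORRECTED = [r.replace("dpt:80", "spt:80") for r in AS_POSTED]

# Constructed packets as seen by INPUT on the client 192.0.2.5.
WEB_REPLY = Packet("tcp", "198.51.100.10", 80, "192.0.2.5", 40312)     # server -> client
DNS_REPLY = Packet("tcp", "198.51.100.53", 53, "192.0.2.5", 40313)     # resolver -> client
INBOUND_HTTP = Packet("tcp", "198.51.100.77", 51000, "192.0.2.5", 80)  # remote -> local port 80

if __name__ == "__main__":
    for name, chain in (("as posted", AS_POSTED), ("corrected", CORRECTED)):
        for label, pkt in (("web reply", WEB_REPLY), ("dns reply", DNS_REPLY),
                           ("inbound http", INBOUND_HTTP)):
            print(f"{name:10} {label:13} {verdict(chain, pkt)}")
```

A source-port rule is stateless and matches on the port number alone. On kernels with connection tracking, `-m state --state ESTABLISHED,RELATED` instead admits only replies to connections the host itself opened.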