Re: Is outbound rule needed for http responses?

On Sunday 07 March 2004 21:37, Adesina Adebiyi wrote:
> Hello gentle expert,
>
> I am trying to adapt the iptables firewall for my hosting server.  That
> is, http, https will be running on it to serve ecommerce clients.  I
> have adapted rules to allow tcp inbound services for port 80 and 443. 
> To be able to respond to the requesting clients, do I need
> corresponding tcp outbound services on port 80 and 443? Or does the
> first inbound rule take care of this automatically since anyone that
> makes a tcp request is most likely to expect a reply?

This is what ESTABLISHED and RELATED are for; you might like to add rules 
that use these two states.  I use the following in my firewall script; 
you may wish to be a bit stricter.  Also, if you have a default DROP rule 
on your OUTPUT chain, you'll need to add a similar rule in there too.

# Allow anything that's already set up
iptables -A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT

Hope that helps,

David
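
The following is an added example, not part of David's message or his firewall script. It emits an iptables-restore ruleset for the web server in the question, with default DROP on INPUT and OUTPUT, showing that replies on ports 80 and 443 need only the state rule in OUTPUT. The function name gen_web_rules and the interface argument are assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a web server whose
# INPUT and OUTPUT chains both default to DROP.
# gen_web_rules and its interface argument are hypothetical names.
gen_web_rules() {
    iface="$1"
    # Refuse empty names or characters outside the usual interface-name set,
    # so the argument cannot smuggle extra rule text into the output.
    case "$iface" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface name" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Loopback traffic in both directions
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Packets belonging to, or related to, connections already tracked
-A INPUT -i $iface -m state --state RELATED,ESTABLISHED -j ACCEPT
# New inbound connections to the web ports only
-A INPUT -i $iface -p tcp --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -i $iface -p tcp --dport 443 -m state --state NEW -j ACCEPT
# Replies leave as part of a tracked connection, so OUTPUT needs no
# separate rule for ports 80/443
-A OUTPUT -o $iface -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# When run with an interface name, print the ruleset. To check it without
# loading it: sh thisfile.sh ppp0 | iptables-restore --test
if [ -n "${1:-}" ]; then
    gen_web_rules "$1"
fi
```

With this OUTPUT policy the server cannot open connections of its own (DNS lookups, package updates); those need explicit NEW rules in OUTPUT.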

