You must change to OUTPUT the first rule at least. You're filtering all outgoing packets.

----- Original Message -----
From: "Gianni Pucciani" <gp.puccio@xxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Thursday, April 08, 2004 12:13 PM
Subject: opening connection for Tomcat

> Hi all,
> I was in trouble opening a port for services with tomcat:
> Is this rule right? I'm behind an adsl router that forwards every
> connection on port 8080 to <myprivateip>.
>
> iptables -P INPUT DROP
> iptables -P OUTPUT ACCEPT
> iptables -P FORWARD DROP
>
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A INPUT -p tcp -d <myprivateip> --dport 8080 -s 0.0.0.0 -m state --state NEW -j ACCEPT
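
Added example, not part of the thread: a minimal Python model of the INPUT chain quoted above, showing the verdict for a first packet from an Internet client depending on the -s argument. iptables reads an address given without a mask as a single host (/32), so -s 0.0.0.0 matches only that literal source address. The address 192.168.1.10 stands in for <myprivateip> and the client packet is constructed; only the options used in the post are modelled.

```python
import ipaddress

def parse_src(spec):
    """iptables treats an address without '/mask' as a single host (/32)."""
    if "/" not in spec:
        spec += "/32"
    return ipaddress.ip_network(spec, strict=False)

def input_verdict(rules, policy, pkt):
    """Walk the chain top-down; the first matching rule wins, else the policy."""
    for rule in rules:
        if "state" in rule and pkt["state"] not in rule["state"]:
            continue
        if "proto" in rule and pkt["proto"] != rule["proto"]:
            continue
        if "dst" in rule and pkt["dst"] != rule["dst"]:
            continue
        if "dport" in rule and pkt["dport"] != rule["dport"]:
            continue
        if "src" in rule and ipaddress.ip_address(pkt["src"]) not in parse_src(rule["src"]):
            continue
        return rule["target"]
    return policy

MY_IP = "192.168.1.10"  # constructed stand-in for <myprivateip>

def ruleset(src_spec):
    """INPUT chain from the post; src_spec is the -s argument (None = no -s)."""
    tomcat = {"proto": "tcp", "dst": MY_IP, "dport": 8080,
              "state": {"NEW"}, "target": "ACCEPT"}
    if src_spec is not None:
        tomcat["src"] = src_spec
    return [{"state": {"ESTABLISHED", "RELATED"}, "target": "ACCEPT"}, tomcat]

# Constructed packet: first SYN from an Internet client, forwarded by the router.
SYN = {"proto": "tcp", "src": "203.0.113.7", "dst": MY_IP,
       "dport": 8080, "state": "NEW"}

def verdicts():
    """Verdict for the SYN under each variant of the -s argument."""
    return {spec: input_verdict(ruleset(spec), "DROP", SYN)
            for spec in ("0.0.0.0", "0.0.0.0/0", None)}

if __name__ == "__main__":
    for spec, verdict in verdicts().items():
        print(f"-s {spec}: {verdict}")
```

On a live host, the per-rule packet counters in `iptables -L INPUT -v -n` show whether the port 8080 rule is ever matched.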