Many thanks
Gianni

Rob Sterenborg wrote:
On Thu, 2004-04-08 at 18:30, Alexis wrote:
You must change to OUTPUT the first rule at least. You're filtering all outgoing packets.
In these rules I only see policy ACCEPT for the OUTPUT chain, so IMHO there's no filtering there.
Hi all,
I was in trouble opening a port for services with Tomcat. Is this rule right?
I'm behind an ADSL router that forwards every connection on port 8080 to <myprivateip>.

iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -d <myprivateip> --dport 8080 -s 0.0.0.0 -m state --state NEW -j ACCEPT
Is your Tomcat listening on 8080/tcp? (netstat -an|grep 8080)
Are you sure that your router is forwarding all connections?
Check with a logging rule between the -m state and the -p tcp rules to see what's going on (if there is):
iptables -A INPUT -j LOG --log-prefix "_ipt:check"
Gr, Rob
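
Added example, not part of the thread: one way to read what the suggested LOG rule writes, by counting TCP SYNs per source for a given destination port. The function names, the sample log lines and every address in them are constructed for illustration; on a real host the input would be the kernel log (for example the output of dmesg).

```shell
#!/bin/sh
# Added example (not from the thread). Summarises kernel log lines written by
#   iptables -A INPUT -j LOG --log-prefix "_ipt:check"
# The prefix has no trailing space, so it is fused with "IN=" in the log.

# Constructed sample lines in the LOG target's format (documentation addresses).
sample_log() {
cat <<'EOF'
Apr  8 18:41:02 host kernel: _ipt:checkIN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.168.1.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40112 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0
Apr  8 18:41:05 host kernel: _ipt:checkIN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.168.1.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40112 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0
Apr  8 18:41:09 host kernel: _ipt:checkIN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.23 DST=192.168.1.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=901 DF PROTO=TCP SPT=51515 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Apr  8 18:41:12 host kernel: _ipt:checkIN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.168.1.1 DST=192.168.1.10 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=77 PROTO=UDP SPT=53 DPT=8080 LEN=28
Apr  8 18:41:13 host kernel: eth0: link up
Apr  8 18:41:20 host kernel: _ipt:checkIN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.23 DST=192.168.1.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=902 DF PROTO=TCP SPT=51600 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0
EOF
}

# syn_sources PORT: read log lines on stdin, print "<count> <source>" for every
# source that sent a TCP SYN to PORT and was seen by the LOG rule.
syn_sources() {
    awk -v port="$1" -v prefix="_ipt:check" '
        index($0, prefix) == 0 { next }      # not written by our LOG rule
        {
            src = ""; dpt = ""; proto = ""; syn = 0
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)        src = substr($i, 5)
                else if ($i ~ /^DPT=/)   dpt = substr($i, 5)
                else if ($i ~ /^PROTO=/) proto = substr($i, 7)
                else if ($i == "SYN")    syn = 1
            }
            if (proto == "TCP" && dpt == port && syn) count[src]++
        }
        END { for (s in count) print count[s], s }
    ' | sort -k2
}

# Stand-alone run on the constructed sample.
sample_log | syn_sources 8080
```

SYNs to port 8080 appearing here mean the router is delivering new connections to the host and they were not matched by the ESTABLISHED,RELATED rule; an empty result means no such packet reached the LOG rule.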