Urgent: Please help me about block port 80

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dear sir/madam,

My goal is to allow only one IP(192.168.1.10) to access my server via
port 80 or 8080 and forward all request from port 80 to port 8080.

What I do is as below.

*nat
:PREROUTING ACCEPT [1:48]
:POSTROUTING ACCEPT [3:230]
:OUTPUT ACCEPT [3:230]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s 192.168.1.10/255.255.255.255
--dport 8080 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s 192.168.1.10/255.255.255.255
--dport 80 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
COMMIT

It seems that the port 80 and 8080 open to public after I add prerouting
rule.  Would you mind how I could acheive my goal?  Thanks a lot.

Best regards,
Patrick
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux