Re: IPTables & HTTPD Conflict

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Sorry, when i replied to the thread, i seemed to have copied only
guido, here's a re-send:

Here are our rules (pls refer to the thread for the problem
description), hope you could share us your vasluable insight.
--------------------------------------------------------------------------
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A FORWARD -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 21 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 2049 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2049 -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 6000:6009 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 7100 --syn -j REJECT
COMMIT
--------------------------------------------------------------------------



On Apr 4, 2005 5:40 PM, Askar <askarali@xxxxxxxxx> wrote:
> how should we suggest something without watchen your iptables rules set?
> 
> regards
> 
> 
> On Apr 4, 2005 8:11 AM, J A <jake.lists@xxxxxxxxx> wrote:
> > Hello All,
> >
> > We're using Redhat 9
> > We've been running a Web Server (Apache & Tomcat), and were told to
> > run a firewall, in this case IPTables.  When we enabled IPTables, many
> > of our web sites (BUT not all) could no longer be browsed from the
> > Internet.
> >
> > Could you tell us which specific IPTables parameter is doing this, so
> > we could disable only the specific parameter?
> > Or is it not advisable to run IPTables side-by-side with Web services?
> >
> > Thanks, appreciate your ideas.
> >
> > ---jake
> >
> >
> 
> --
> I love deadlines. I like the whooshing sound they make as they fly by.
> Douglas Adams
>
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux