banderas20
Active Member
Hi everyone
I'm testing iptables on Debian. My idea is to completely close the system to incoming connections and then, step by step, open it selectively to certain IPs and ports.
To start, I deny every incoming with:
Code:
iptables --policy INPUT DROP
Then, I add specific rules so that a particular IP can access port 8080. Any other IP can't.
Code:
iptables -A INPUT -p tcp --dport 8080 -s 191.168.88.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j DROP
The problem arises because it only works if the default policy is set to ACCEPT. Otherwise it doesn't work. It's as if it doesn't care about the rule set that follows...
Another doubt I've come across with the rules is, when I list them:
Code:
iptables -L -v
1. I can't see port 8080 anywhere, even though I'm listing verbosely with "-v".
2. If I do it without the "-n" flag (DNS resolution on), in the source field I get different things: "router.lan" and an FQDN apparently coming from Brazil (.br).
With the "-n" flag (do NOT resolve DNS), I get two duplicated rules (from the 2 tests I did) with the same IP.
Does anyone know what's happening?
Any help will be greatly appreciated.
Thanks!
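Added example, not from the original post: a small POSIX shell script that builds the same default-deny INPUT policy, but flushes the chain first (so repeated runs don't produce duplicate rules), allows loopback and already-established connections before the port 8080 rules so the administrative session is not cut off, and lists the chain with -n so port 8080 appears numerically instead of as the service name "http-alt". The allowed client address 192.0.2.10 (a documentation address, constructed here), the IPT variable and the function names are assumptions.

```shell
#!/bin/sh
# Default-deny INPUT policy with selective opening of one port to one source.
# Assumed values (not from the post): client 192.0.2.10, service port 8080.
ALLOWED_SRC="${ALLOWED_SRC:-192.0.2.10}"
SERVICE_PORT="${SERVICE_PORT:-8080}"
IPT="${IPT:-iptables}"   # set IPT=echo to print the commands instead of running them

# Emit the commands in the order they must be applied. Flushing first removes
# the duplicate entries that appear when the same -A command is run twice.
# Loopback and ESTABLISHED,RELATED come before the port rules; without them a
# DROP policy also kills the replies to the admin's own SSH session.
gen_rules() {
    cat <<EOF
$IPT -F INPUT
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p tcp --dport $SERVICE_PORT -s $ALLOWED_SRC -j ACCEPT
$IPT -A INPUT -p tcp --dport $SERVICE_PORT -j DROP
$IPT -P INPUT DROP
EOF
}

# Number of -A rules gen_rules would add; a sanity check before applying.
rule_count() {
    gen_rules | grep -c -- '-A INPUT'
}

# Run the generated commands (needs root; with IPT=echo it only prints them).
apply_rules() {
    gen_rules | while IFS= read -r cmd; do
        $cmd || return 1
    done
}

# -n keeps ports and addresses numeric (no /etc/services names, no reverse DNS
# lookups); --line-numbers makes a duplicate rule easy to delete with -D INPUT <n>.
list_rules() {
    $IPT -L INPUT -v -n --line-numbers
}
```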