Re: iptables and services

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



used as:
iptables -P INPUT DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT

This worked fine for 80.



But my clinets can looged on to samba acting as a domain controller. why the default policy is not working for samba ie 139. i manually did a DROP to 139 . still my users can log in.
Is this tell me that netbios-ssn is open?
Thanks
Paras.

Alex Ilyushin writes:
paras wrote:
hi all
I have default policy to DROP on one machine. but i want the web server (80) to be accessed from the internet but it is not working with the following script. help plz.
iptables -P INPUT DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
Wrong order of rules. You must add -P INPUT DROP after all rules, or use -I (insert).
---
Alex.

------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
    To unsubscribe email security-discuss-request@linuxsecurity.com
        with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux