[CentOS] Firewall frustration
Robert Moskowitz
rgm at htt-consult.com
Thu Jan 3 13:03:09 UTC 2008
Christopher Chan wrote:
>
>> I tried it. I had everything open. Then I blocked everything. Then I
>> set up a rule to allow SSH in to eth0 and out eth1 (and the other
>> way). At least I thought that was what the rules said, but no SSH
>> connectivity through the firewall. That was when I realized that I
>> had not found the necessary incantation, and I had already shot most
>> of Tuesday.
>>
>
> Too bad you missed the documentation on netfilter then.
And that is the crux of the problem. Finding the right documentation....
And to look at documentation on netfilter besides iptables.
> It would have told you that the INPUT chain controls what comes to the
> box, the OUTPUT chain what originates from the box and the FORWARD
> chain what goes through the box.
>
> You would have needed a rule in FORWARD to allow ssh connections
> through the box. The rules in the INPUT and OUTPUT chains would have
> zero effect on connections going through.
>
> Anyways, you have something now but in case you want to give iptables
> another go...
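The chain split described in the quoted reply, as an added example that is not part of the original thread: a shell function that emits an `iptables-restore` ruleset allowing SSH through the box in both directions using only FORWARD rules. The function name `forward_ssh_ruleset` is hypothetical, the interface names default to the eth0/eth1 pair from the post, and port 22 is assumed for SSH.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset that forwards SSH between
# two interfaces. forward_ssh_ruleset is a hypothetical helper name.
forward_ssh_ruleset() {
    if_a=${1:-eth0}
    if_b=${2:-eth1}
    # Refuse anything that is not a plain interface name, so an argument
    # cannot smuggle extra rule text into the generated ruleset.
    case "$if_a$if_b" in
        *[!A-Za-z0-9._-]*) echo "invalid interface name" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
# INPUT and OUTPUT only see traffic addressed to, or originating from, the
# box itself. They stay at DROP here and SSH through the box still works.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Packets belonging to connections already accepted by the rules below.
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# New SSH connections crossing the box, one rule per direction.
-A FORWARD -i $if_a -o $if_b -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A FORWARD -i $if_b -o $if_a -p tcp --dport 22 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Typical use, as root from the console (the DROP policy on INPUT also cuts
# off remote logins to the firewall itself):
#   sysctl -w net.ipv4.ip_forward=1                  # kernel must route at all
#   forward_ssh_ruleset eth0 eth1 | iptables-restore --test   # parse only
#   forward_ssh_ruleset eth0 eth1 | iptables-restore          # load it
```
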