On Mon, 2014-06-16 at 21:42 -0500, Chuck Campbell wrote:
> All of the suggestions are graciously accepted, however, I was actually asking
> what I was doing wrong with iptables, and why, with the rules I put in place,
> someone was still able to connect to my machine.
>
> I understand there might be better ways, but if I don't understand what I did
> wrong last time, how am I going to figure out how to deny all, then allow
> selected, when I can't seem to allow all and deny selected.
>
> There must be a misunderstanding on my part about how iptables are supposed to work.
>
> -chuck
>

As John R Pierce mentioned, one of your first rules in the chain is
"RH-Firewall-1-INPUT all -- anywhere anywhere"; this simply means everything with
"DROP" after it will be ignored. iptables will work its way down the chain,
therefore you have two options:

1. remove that line, or
2. move it to the bottom of the chain.

-- 
Kind Regards
Earl Ramirez
GPG Key: http://trinipino.com/PublicKey.asc
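
The rule-order effect described in the reply above, as an added example that is not part of the original thread: a small checker that reads rules in `iptables -S` format and lists INPUT rules that can never match because an earlier unconditional rule already decides every packet. The function name `find_shadowed` and both sample rule sets are constructed for illustration, and the model only recognises rules with no match options as unconditional.

```shell
#!/bin/sh
# Added example (not from the thread): list INPUT rules that no packet can reach.
# Reads rules in `iptables -S` format on stdin. Simplified model: only rules with
# no match options count as "unconditional"; -g (goto) is not handled.
find_shadowed() {
    awk '
    $1 != "-A" { next }
    {
        n++; chain[n] = $2; rule[n] = $0
        uncond[n] = ($3 == "-j")      # nothing between the chain name and the target
        target[n] = ""
        for (f = 3; f < NF; f++) if ($f == "-j") target[n] = $(f + 1)
        # A RETURN ahead of the catch-all lets packets fall back to the caller.
        if (target[n] == "RETURN" && !final[$2]) leaky[$2] = 1
        # A chain with an unconditional verdict decides every packet that enters it.
        if (uncond[n] && target[n] ~ /^(ACCEPT|DROP|REJECT)$/ && !leaky[$2]) final[$2] = 1
    }
    END {
        for (i = 1; i <= n; i++) {
            if (chain[i] != "INPUT") continue
            if (by != "") { print "unreachable: " rule[i] " (shadowed by: " by ")"; continue }
            if (uncond[i] && (target[i] ~ /^(ACCEPT|DROP|REJECT)$/ || final[target[i]])) by = rule[i]
        }
    }'
}

# Constructed rule set shaped like the one discussed: the jump comes first.
RULES_JUMP_FIRST='-P INPUT ACCEPT
-N RH-Firewall-1-INPUT
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -s 192.0.2.10/32 -j DROP
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'

# Same rules with the jump moved below the DROP (option 2 in the reply).
RULES_REORDERED='-P INPUT ACCEPT
-N RH-Firewall-1-INPUT
-A INPUT -s 192.0.2.10/32 -j DROP
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'

echo "jump first:"; printf '%s\n' "$RULES_JUMP_FIRST" | find_shadowed
echo "reordered:";  printf '%s\n' "$RULES_REORDERED"  | find_shadowed
```

On a live host the same function can be fed with `iptables -S | find_shadowed` (run as root).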