[CentOS] iptables question

Tue Jun 17 03:34:21 UTC 2014
Chuck Campbell <campbell at accelinc.com>

On 6/16/2014 9:44 PM, Earl Ramirez wrote:
> On Mon, 2014-06-16 at 21:42 -0500, Chuck Campbell wrote:
>> All of the suggestions are graciously accepted, however, I was actually asking
>> what I was doing wrong with iptables, and why, with the rules I put in place,
>> someone was still able to connect to my machine.
>>
>> I understand there might be better ways, but if I don't understand what I did
>> wrong last time, how am I going to figure out how to deny all, then allow
>> selected, ehrn I can't seem to allow all and deny selected.
>>
>> There must be a misunderstanding on my part about how iptables are supposed to work.
>>
>> -chuck
>>
>>
> As John R Pierce mentioned one of your first rule in the chain is
> "RH-Firewall-1-INPUT  all  --  anywhere             anywhere", this
> simply mean everything with "DROP" after it will be ignored. iptables
> will work its way down the chain, therefore you have to options
> 1. remove that line or
> 2. move it at the bottom of the chain.

I am clearly missing some emails, because I didn't see a reply from John R 
Pierce. My apologies.
I appreciate you restating this. I'll try to go make sense of iptables, given 
the insight,

thanks,
-chuck

-- 
ACCEL Services, Inc.| Specialists in Gravity, Magnetics |  (713)993-0671 ph.
                     |   and Integrated Interpretation   |  (713)993-0608 fax
448 W. 19th St. #325|            Since 1992             |  (713)306-5794 cell
  Houston, TX, 77008 |          Chuck Campbell           | campbell at accelinc.com
                     |  President & Senior Geoscientist  |

      "Integration means more than having all the maps at the same scale!"