[CentOS] iptables question
Chuck Campbell
campbell at accelinc.com
Tue Jun 17 03:34:21 UTC 2014
On 6/16/2014 9:44 PM, Earl Ramirez wrote:
> On Mon, 2014-06-16 at 21:42 -0500, Chuck Campbell wrote:
>> All of the suggestions are graciously accepted, however, I was actually asking
>> what I was doing wrong with iptables, and why, with the rules I put in place,
>> someone was still able to connect to my machine.
>>
>> I understand there might be better ways, but if I don't understand what I did
>> wrong last time, how am I going to figure out how to deny all, then allow
>> selected, when I can't seem to allow all and deny selected.
>>
>> There must be a misunderstanding on my part about how iptables are supposed to work.
>>
>> -chuck
>>
>>
> As John R Pierce mentioned one of your first rules in the chain is
> "RH-Firewall-1-INPUT all -- anywhere anywhere", this
> simply means everything with "DROP" after it will be ignored. iptables
> will work its way down the chain, therefore you have two options
> 1. remove that line or
> 2. move it to the bottom of the chain.
I am clearly missing some emails, because I didn't see a reply from John R
Pierce. My apologies.
I appreciate you restating this. I'll try to go make sense of iptables, given
the insight,
thanks,
-chuck
--
ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph.
| and Integrated Interpretation | (713)993-0608 fax
448 W. 19th St. #325| Since 1992 | (713)306-5794 cell
Houston, TX, 77008 | Chuck Campbell | campbell at accelinc.com
| President & Senior Geoscientist |
"Integration means more than having all the maps at the same scale!"
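
The rule-ordering point in the quoted reply, as an added example that is not part of the original thread: a small Python model of iptables first-match traversal, comparing a jump placed before a DROP rule with the same jump placed after it. The contents of `RH-Firewall-1-INPUT`, the addresses and all helper names are constructed assumptions; the thread does not show the actual ruleset.

```python
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def matches(rule, pkt):
    # A field absent from the rule matches anything ("anywhere" in iptables -L).
    return all(rule.get(k) in (None, pkt[k]) for k in ("src", "dport"))

def walk(chains, name, pkt):
    """Verdict reached in chain `name`, or None if the packet falls off its end."""
    for rule in chains[name]:
        if not matches(rule, pkt):
            continue
        if rule["target"] in TERMINAL:
            return rule["target"]      # first match wins, later rules are not consulted
        result = walk(chains, rule["target"], pkt)  # jump to a user-defined chain
        if result is not None:
            return result              # verdict given there; packet does not come back
    return None

def verdict(chains, pkt, policy="ACCEPT"):
    return walk(chains, "INPUT", pkt) or policy

def shadowed(chains, samples):
    """Indexes of INPUT rules that no sample packet reaches without a verdict."""
    rules = chains["INPUT"]
    return [i for i in range(len(rules))
            if all(walk({**chains, "INPUT": rules[:i]}, "INPUT", p) is not None
                   for p in samples)]

# Constructed data (assumptions): chain contents and addresses are not from the thread.
RH_CHAIN = [{"dport": 22, "target": "ACCEPT"}, {"target": "REJECT"}]
JUMP = {"target": "RH-Firewall-1-INPUT"}
BLOCK = {"src": "203.0.113.7", "target": "DROP"}
JUMP_FIRST = {"INPUT": [JUMP, BLOCK], "RH-Firewall-1-INPUT": RH_CHAIN}
JUMP_LAST = {"INPUT": [BLOCK, JUMP], "RH-Firewall-1-INPUT": RH_CHAIN}
SAMPLES = [{"src": "203.0.113.7", "dport": 22},
           {"src": "198.51.100.5", "dport": 22},
           {"src": "203.0.113.7", "dport": 80}]

if __name__ == "__main__":
    for label, chains in (("jump first", JUMP_FIRST), ("jump last", JUMP_LAST)):
        print(label, [verdict(chains, p) for p in SAMPLES], "shadowed:", shadowed(chains, SAMPLES))
```

With the jump first, the DROP rule at index 1 is reported as shadowed because the assumed user chain ends in a catch-all rule and gives every packet a verdict.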