Yo Darryl!
The forward rule is for packets coming in one port and going out another.
That is not the case for packets coming in one port and staying to get
to mysql. You need to work with the "-INPUT" rules, not the -FORWARD
RULES. RTFM "man iptables"
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701
[EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676
On Sat, 9 Jun 2001, 1stFlight wrote:
> I'm trying to block my MySQL port from the outside world and I've RTFM like
> all hell so I'm just about the point where my hair is turning grey. I'm
> using the rule
>
> /sbin/iptables -A -FORWARD -i -eth0 -p tcp --dport 3306 --tcp-flags ALL ALL
> -j DROP
>
> to try to block it, but every time I portscan myself (nmap beta25) it still
> finds it. Can anyone tell me what's screwed up with the rule or is Nmap just
> that good?
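
Added example, not part of the original thread: a small Python model of why the posted rule never drops a scan probe. It goes one step beyond the reply above by also modelling `--tcp-flags ALL ALL`, which matches only packets with every TCP flag set. The address 192.0.2.10, the ACCEPT default policy and all class and function names are assumptions made for the illustration.

```python
from dataclasses import dataclass

ALL = frozenset({"SYN", "ACK", "FIN", "RST", "URG", "PSH"})  # iptables "ALL"

@dataclass(frozen=True)
class Packet:
    in_iface: str
    dst_ip: str
    dport: int
    flags: frozenset

@dataclass(frozen=True)
class Rule:
    chain: str
    in_iface: str
    dport: int
    mask: frozenset = frozenset()  # --tcp-flags <mask> <comp>; empty = no flag test
    comp: frozenset = frozenset()

    def matches(self, pkt):
        # The flag test passes only if the masked flags equal comp exactly.
        return (pkt.in_iface == self.in_iface and pkt.dport == self.dport
                and (pkt.flags & self.mask) == self.comp)

def chain_for(pkt, local_ips):
    # Packets addressed to the host itself traverse INPUT;
    # packets routed on to another host traverse FORWARD.
    return "INPUT" if pkt.dst_ip in local_ips else "FORWARD"

def verdict(pkt, rules, local_ips):
    chain = chain_for(pkt, local_ips)
    for rule in rules:
        if rule.chain == chain and rule.matches(pkt):
            return "DROP"
    return "ACCEPT"  # assumed default chain policy

LOCAL = {"192.0.2.10"}  # constructed address of the MySQL host
SYN_PROBE = Packet("eth0", "192.0.2.10", 3306, frozenset({"SYN"}))  # constructed
ALL_FLAGS = Packet("eth0", "192.0.2.10", 3306, ALL)                 # constructed

POSTED = Rule("FORWARD", "eth0", 3306, ALL, ALL)    # posted rule, stray dashes removed
INPUT_FLAGS = Rule("INPUT", "eth0", 3306, ALL, ALL)  # right chain, flag test kept
# Models: iptables -A INPUT -i eth0 -p tcp --dport 3306 -j DROP
FIXED = Rule("INPUT", "eth0", 3306)

if __name__ == "__main__":
    for name, rule in (("posted", POSTED), ("input+flags", INPUT_FLAGS), ("fixed", FIXED)):
        print(f"{name:12} SYN probe -> {verdict(SYN_PROBE, [rule], LOCAL)}")
```

On a real host, `iptables -L INPUT -n -v` shows per-rule packet counters, which confirm whether a rule is actually being hit during a rescan.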