Hi All,

I'm in the process of setting up a new Virtual Private Server and am using 
Plesk to configure the firewall (among other things).

I have the firewall configured how I want it within Plesk. However, when I SSH 
into the box and list the firewall rules (using iptables -L -n) I get way more 
rules than I set up within Plesk.  I'm thinking that there must be several rules 
that were there beforehand as default from the hosting provider. One thing I do 
notice, however, is that for a given chain (in this case Input chain) the very 
first rule is:
-A INPUT -j VZ_INPUT

The INPUT chain looks something like this (as given by iptables -L -n):

Chain INPUT (policy DROP)
target     prot opt source               destination
VZ_INPUT   all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     tcp  --  190.93.240.0/20      0.0.0.0/0           tcp dpt:80
ACCEPT     tcp  --  108.162.192.0/18     0.0.0.0/0           tcp dpt:80

blah, blah.....

Chain VZ_INPUT (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:4643
... all the rest of the rules I entered in Plesk....

VZ_INPUT is a user-defined rule that Plesk puts in and that chain has all the 
rules I entered in the Plesk panel.
My question is: if the above VZ_INPUT rule is the very first rule in the INPUT 
chain, does that mean all input packets jump to the VZ_INPUT chain and 
process those rules, thus bypassing all the other inputs?

The same sort of layout is also present for the OUTPUT & FORWARD chains.

Any thoughts are appreciated.
Thanks,
Peter
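
Added example (not part of the original post, and not Plesk's or the hosting provider's code): a small Python model of how netfilter walks a jump to a user-defined chain, using only the rules visible in the listing above. The dictionary layout, function names and sample source addresses are constructed for illustration; the elided rules ("blah, blah" and "all the rest") are not modelled.

```python
import ipaddress

# Constructed rule set: only the rules shown in the post's listing.
CHAINS = {
    "INPUT": [
        {"target": "VZ_INPUT"},  # -A INPUT -j VZ_INPUT (matches every packet)
        {"proto": "tcp", "src": "190.93.240.0/20", "dport": 80, "target": "ACCEPT"},
        {"proto": "tcp", "src": "108.162.192.0/18", "dport": 80, "target": "ACCEPT"},
    ],
    "VZ_INPUT": [
        {"proto": "tcp", "dport": 4643, "target": "ACCEPT"},
    ],
}
POLICY = {"INPUT": "DROP"}  # only built-in chains have a policy

def matches(rule, pkt):
    """A rule matches when every criterion it specifies equals the packet's."""
    if "proto" in rule and rule["proto"] != pkt["proto"]:
        return False
    if "dport" in rule and rule["dport"] != pkt["dport"]:
        return False
    if "src" in rule:
        net = ipaddress.ip_network(rule["src"])
        return ipaddress.ip_address(pkt["src"]) in net
    return True

def walk(chain, pkt, trace):
    """Return ACCEPT/DROP, or None if the chain ends with no verdict."""
    for n, rule in enumerate(CHAINS[chain], 1):
        if not matches(rule, pkt):
            continue
        target = rule["target"]
        trace.append(f"{chain}:{n} -> {target}")
        if target in ("ACCEPT", "DROP"):
            return target              # terminating target: traversal stops
        if target == "RETURN":
            return None                # explicit return to the calling chain
        verdict = walk(target, pkt, trace)  # jump into a user-defined chain
        if verdict is not None:
            return verdict
        # No verdict in the sub-chain: continue with the next rule here.
    return None                        # end of chain acts as an implicit RETURN

def filter_input(pkt):
    """Run a packet through INPUT and return (verdict, list of rules hit)."""
    trace = []
    verdict = walk("INPUT", pkt, trace)
    if verdict is None:                # fell off the end of the built-in chain
        verdict = POLICY["INPUT"]
        trace.append(f"INPUT policy -> {verdict}")
    return verdict, trace
```

A packet that reaches the end of VZ_INPUT without matching returns to the rule after the jump in INPUT, so the later INPUT rules are skipped only for packets that receive a verdict inside VZ_INPUT.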





---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
