Thanks Steven, modified with:
BEFORE:
iptables -A INPUT -i lo -j ACCEPT
AFTER:
iptables -I INPUT 1 -s 127.0.0.0/24 -p tcp --dport 80:65535 -j ACCEPT
iptables -I INPUT 1 -s 127.0.0.0/24 -p udp --dport 80:65535 -j ACCEPT
It changes nothing to the result anyway. Even if I stop completly iptables.
# iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT udp -- 127.0.0.0/24 0.0.0.0/0 udp
dpts:80:65535
ACCEPT tcp -- 127.0.0.0/24 0.0.0.0/0 tcp
dpts:80:65535
ACCEPT udp -- 127.0.0.0/24 0.0.0.0/0 udp dpt:80
ACCEPT tcp -- 127.0.0.0/24 0.0.0.0/0 tcp dpt:80
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 reject-with
icmp-port-unreachable
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 0
ACCEPT udp -- 192.168.0.0/24 0.0.0.0/0 udp dpt:631
ACCEPT tcp -- 192.168.0.0/24 0.0.0.0/0 tcp dpt:631
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 192.168.99.0/24 !192.168.0.0/24
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Le 26/06/2013 15:17, Steven McCoy a écrit :
On 26 June 2013 09:06, Laurent Alebarde <[email protected]
<mailto:[email protected]>> wrote:
target prot opt source destination
ACCEPT tcp -- 127.0.0.0/24 <http://127.0.0.0/24> 0.0.0.0/0
<http://0.0.0.0/0> tcp dpt:80
That's clearly only destination port 80.
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
