iptables rule to allow access to internet

iptables rules are sequential, meaning the first rule they hit that matches gets executed. Rules like ACCEPT, DROP, and REJECT are terminal, meaning the packet will not proceed further into the chain. -A means append. So what you've done is:

  • match everything and REJECT it # everything stops here
  • accept tcp port 80 # we never reach this because everything stopped there ^

Unfortunately tcp port 80 is part of everything, and thus you never reach your second rule. Flush your INPUT chain with -F and reverse the order in which you run your rules. I also recommend reading Dan Robbins' article on stateful firewall design, which is not just for Gentoo or 2.4 kernels.
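The first-match, terminal-target behaviour described in the answer is easy to see with a small model of chain traversal. The following is an added example, not code from the answer or from iptables itself: it simulates an INPUT chain with `-A`, `-F` and a default policy, then runs constructed sample packets through three rule orders: the one from the question, the reversed order, and a stateful order in the spirit of the article the answer recommends. The `Packet`, `Rule` and `Chain` names and the sample port numbers are all assumptions made for the illustration.

```python
"""Toy model of how iptables walks a chain: rules are tested in order, and
the first matching rule whose target is terminal (ACCEPT, DROP, REJECT)
decides the packet. Nothing here talks to the kernel; it only reproduces
the first-match semantics the answer describes (hypothetical helper code)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

TERMINAL = {"ACCEPT", "DROP", "REJECT"}


@dataclass
class Packet:
    proto: str          # "tcp" or "udp"
    sport: int
    dport: int
    state: str = "NEW"  # conntrack state as "-m state --state" would see it


@dataclass
class Rule:
    target: str
    proto: Optional[str] = None
    sport: Optional[int] = None
    dport: Optional[int] = None
    states: Optional[Set[str]] = None  # like -m state --state A,B

    def matches(self, pkt: Packet) -> bool:
        if self.proto is not None and pkt.proto != self.proto:
            return False
        if self.sport is not None and pkt.sport != self.sport:
            return False
        if self.dport is not None and pkt.dport != self.dport:
            return False
        if self.states is not None and pkt.state not in self.states:
            return False
        return True


class Chain:
    """One chain (here INPUT) supporting -A, -F and a default policy."""

    def __init__(self, policy: str = "ACCEPT"):
        self.policy = policy
        self.rules: List[Rule] = []

    def append(self, rule: Rule) -> None:   # iptables -A INPUT ...
        self.rules.append(rule)

    def flush(self) -> None:                # iptables -F INPUT
        self.rules.clear()

    def verdict(self, pkt: Packet) -> Tuple[str, Optional[int]]:
        """Return (target, index of the rule that fired). Index None means no
        terminal rule matched and the chain's default policy applied."""
        for idx, rule in enumerate(self.rules):
            if rule.matches(pkt) and rule.target in TERMINAL:
                return rule.target, idx
        return self.policy, None


# Constructed sample traffic (not captured from a real host).
SAMPLES: Dict[str, Packet] = {
    "inbound_http_request": Packet("tcp", 51234, 80),                     # someone connecting to our port 80
    "http_reply":           Packet("tcp", 80, 51234, state="ESTABLISHED"),  # reply to our own browser
    "dns_reply":            Packet("udp", 53, 40000, state="ESTABLISHED"),  # reply to our resolver
    "unsolicited_ssh":      Packet("tcp", 44444, 22),                     # fresh inbound attempt
}


def run(chain: Chain) -> Dict[str, Tuple[str, Optional[int]]]:
    return {name: chain.verdict(p) for name, p in SAMPLES.items()}


def rules_as_asked() -> Dict[str, Tuple[str, Optional[int]]]:
    """Order from the question: REJECT everything first, then ACCEPT port 80.
    Rule 0 matches every packet, so rule 1 is never reached."""
    chain = Chain()
    chain.append(Rule("REJECT"))
    chain.append(Rule("ACCEPT", proto="tcp", dport=80))
    return run(chain)


def rules_reordered() -> Dict[str, Tuple[str, Optional[int]]]:
    """After -F and reversing: inbound port 80 is now accepted, but replies
    to our own outgoing connections (sport 80, random dport) still hit REJECT."""
    chain = Chain()
    chain.append(Rule("REJECT"))
    chain.flush()
    chain.append(Rule("ACCEPT", proto="tcp", dport=80))
    chain.append(Rule("REJECT"))
    return run(chain)


def rules_stateful() -> Dict[str, Tuple[str, Optional[int]]]:
    """Stateful order: accept replies to connections we started, then any
    service we deliberately expose, then reject the rest."""
    chain = Chain()
    chain.append(Rule("ACCEPT", states={"ESTABLISHED", "RELATED"}))
    chain.append(Rule("ACCEPT", proto="tcp", dport=80))
    chain.append(Rule("REJECT"))
    return run(chain)


if __name__ == "__main__":
    for label, fn in (("as asked", rules_as_asked),
                      ("reordered", rules_reordered),
                      ("stateful", rules_stateful)):
        print(label, fn())
```

Running it shows that, with the question's order, every packet stops at rule 0; with the reversed order, inbound HTTP is accepted but the browser's reply traffic (and DNS replies) are still rejected; and with the stateful order, replies to connections the host itself opened are accepted while unsolicited inbound connections are not.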


Author: Chankey Pathak

Updated on September 18, 2022

Comments

  • Chankey Pathak, over 1 year

    I made the default policy of my machine:

    iptables -A INPUT -j REJECT #DROP ALL PACKETS TO INPUT CHANNEL
    

    The INPUT chain has been blocked. Now I want to allow only some specific services, e.g. I should be able to access the internet. So what rule should I add? Port 80 is for HTTP, so I tried allowing that port by

    iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    

    But it didn't work. Let me know how I can do this?

  • Chankey Pathak, over 12 years
    I flushed the rule and after that I put these rules; why isn't iptables -A INPUT -p tcp --sport 80 -j ACCEPT; iptables -A INPUT -j DROP working?