On Thursday 03 January 2008 12:37:56 Christopher Chan wrote:
> Too bad you missed the documentation on netfilter then. It would have
> told you that the INPUT chain controls what comes to the box, the OUTPUT
> chain what originates from the box and the FORWARD chain what goes
> through the box.
> You would have needed a rule in FORWARD to allow ssh connections through
> the box. The rules in the INPUT and OUTPUT chains would have zero effect
> on connections going through.

It might also help if we put in a rule that will log what happens, for
troubleshooting. Put these lines at the end of your rules (pls mind the word
iptables -A INPUT -m limit --limit 2/m --limit-burst 2 -j LOG --log-prefix '** 
iptables -A OUTPUT -m limit --limit 2/m --limit-burst 2 -j LOG --log-prefix '** OUTPUT DROP ** '
iptables -A FORWARD -m limit --limit 2/m --limit-burst 2 -j LOG --log-prefix '** FORWARD DROP ** '

We can now see the result in /var/log/messages
Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial 
17:14:40 up 9:52, 2.6.22-14-generic GNU/Linux 
Let's use OpenOffice. http://www.openoffice.org
The real challenge of teaching is getting your students motivated to learn.
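
Added example, not part of the original message: a small parser for the kernel lines these LOG rules write to /var/log/messages, which groups them by chain prefix and cross-checks the chain against the IN=/OUT= interfaces so forwarded traffic (such as ssh through the box) is easy to tell apart from traffic to or from the box. The log lines are constructed samples; the hostname, interfaces and addresses are assumptions.

```python
import re
from collections import Counter

# Constructed sample of /var/log/messages. Hostname "gw", interface names and
# addresses (documentation ranges) are assumptions, not values from the thread.
SAMPLE_LOG = """\
Jan  3 12:40:01 gw kernel: ** FORWARD DROP ** IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=63 ID=4711 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=5840 SYN URGP=0
Jan  3 12:40:04 gw kernel: ** FORWARD DROP ** IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=63 ID=4712 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=5840 SYN URGP=0
Jan  3 12:41:10 gw kernel: ** OUTPUT DROP ** IN= OUT=eth0 SRC=192.0.2.1 DST=203.0.113.53 LEN=71 TTL=64 ID=0 DF PROTO=UDP SPT=40000 DPT=53 LEN=51
Jan  3 12:41:15 gw sshd[2211]: Server listening on 0.0.0.0 port 22.
"""

# Matches the "** <CHAIN> DROP ** " prefix pattern set with --log-prefix.
PREFIX = re.compile(r"\*\* (?P<chain>[A-Z]+) DROP \*\* (?P<fields>.*)")
FIELD = re.compile(r"(\w+)=(\S*)")  # KEY=VALUE; bare flags (DF, SYN) are skipped


def parse_line(line):
    """Return the LOG fields as a dict plus CHAIN, or None for other lines."""
    m = PREFIX.search(line)
    if m is None:
        return None
    rec = dict(FIELD.findall(m.group("fields")))
    rec["CHAIN"] = m.group("chain")
    return rec


def path_of(rec):
    """Classify by interfaces: IN and OUT are both set only for forwarded packets."""
    if rec.get("IN") and rec.get("OUT"):
        return "through the box"
    return "to the box" if rec.get("IN") else "from the box"


def summarize(text):
    """Count logged packets per (chain, path, proto, dst, dport)."""
    counts = Counter()
    for rec in filter(None, map(parse_line, text.splitlines())):
        counts[(rec["CHAIN"], path_of(rec), rec.get("PROTO", "?"),
                rec.get("DST", "?"), rec.get("DPT", "-"))] += 1
    return counts


if __name__ == "__main__":
    # With --limit 2/m the log is a sample, so counts are a lower bound.
    for key, n in summarize(SAMPLE_LOG).most_common():
        print(n, *key)
```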


CentOS mailing list
