Piperみかこ wrote:
> Hello,
>
> I have set up the following iptables on a Linux server,
>
> sudo /usr/sbin/iptables -F
> sudo /usr/sbin/iptables -A INPUT -s 127.0.0.1 -j ACCEPT
> sudo /usr/sbin/iptables -A INPUT -s xx.xx.xx.xx -j ACCEPT # my server public IP
> sudo /usr/sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
> sudo /usr/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
> sudo /usr/sbin/iptables -A INPUT -p tcp -j DROP
>
> These rules work for incoming connections.
> But if I made a request from this server box to the external server, such
> as rsync to another remote server, it won't work.
>
> So how can I set up the outgoing rules as well?

At boot time, there are three chains:

INPUT
FORWARD
OUTPUT

Each has a policy which determines what happens if no other rule applies.

FORWARD is only interesting if you are routing packets.
INPUT controls incoming packets.
OUTPUT controls outgoing packets.

You can specify IPs, interfaces, protocols, ports, and a bunch of other things.

-dsr-
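
Added example, not part of either message: a simplified first-match model of the INPUT chain quoted above, showing that the reply packets of an outbound connection also traverse INPUT and hit the final tcp DROP unless a connection-tracking rule accepts them first. The addresses, ports and the Packet/verdict names are constructed for illustration, and 203.0.113.10 stands in for the elided xx.xx.xx.xx.

```python
# Toy model of iptables first-match evaluation (added example, not netfilter itself).
from dataclasses import dataclass

@dataclass
class Packet:
    proto: str   # "tcp" or "udp"
    src: str     # source address of the arriving packet
    dport: int   # destination port on this host
    state: str   # conntrack state: "NEW", "ESTABLISHED" or "RELATED"

# The poster's INPUT chain, in order, as (match, target) pairs.
ORIGINAL_INPUT = [
    (lambda p: p.src == "127.0.0.1", "ACCEPT"),
    (lambda p: p.src == "203.0.113.10", "ACCEPT"),   # placeholder for xx.xx.xx.xx
    (lambda p: p.proto == "tcp" and p.dport == 22, "ACCEPT"),
    (lambda p: p.proto == "tcp" and p.dport == 80, "ACCEPT"),
    (lambda p: p.proto == "tcp", "DROP"),
]

# Same chain with a stateful rule first, the equivalent of:
#   iptables -I INPUT 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
STATEFUL_INPUT = [
    (lambda p: p.state in ("ESTABLISHED", "RELATED"), "ACCEPT"),
] + ORIGINAL_INPUT

def verdict(chain, packet, policy="ACCEPT"):
    """Return the target of the first matching rule, else the chain policy."""
    for match, target in chain:
        if match(packet):
            return target
    return policy  # built-in chains default to policy ACCEPT at boot

# Constructed sample packets arriving on INPUT.
inbound_ssh = Packet("tcp", "198.51.100.7", 22, "NEW")
# Reply from the remote rsync server to our ephemeral source port 45000.
rsync_reply = Packet("tcp", "198.51.100.20", 45000, "ESTABLISHED")
# Unsolicited connection attempt to a port that was never opened.
probe = Packet("tcp", "198.51.100.7", 3306, "NEW")
# New UDP traffic: no rule matches, so the chain policy decides.
udp_new = Packet("udp", "198.51.100.7", 5353, "NEW")

if __name__ == "__main__":
    for name, pkt in [("inbound_ssh", inbound_ssh), ("rsync_reply", rsync_reply),
                      ("probe", probe), ("udp_new", udp_new)]:
        print(f"{name:12} original={verdict(ORIGINAL_INPUT, pkt):6} "
              f"stateful={verdict(STATEFUL_INPUT, pkt)}")
```

The udp_new case falls through to the chain policy, which is the behaviour the reply describes: with the default ACCEPT policy the listed rules filter TCP only.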