Iptables Help
pinkpanther
Hi guys, I have 3 computers, all running Red Hat 7.3 fully patched. I have one computer that is dual-homed, connected to both the internet and the internal network. I have set up iptables to masquerade and I have internet connectivity on all my machines. That's about as far as I've gotten... I want to set up an Apache web server on 192.168.0.2, which is a computer on my internal network. How do I set up iptables to deny everything to the outside world except my web server on my internal network?

My current iptables script is:

iptables -F; iptables -t nat -F; iptables -t mangle -F
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 24.85.209.116   # not my IP :-)
echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT
iptables -P INPUT DROP

Thanks everyone!
Joey
I think this should work assuming that eth0 is connected to the internet and eth1 is the local network:

iptables -A INPUT -i eth0 -s 0/0 -d 0/0 -p tcp --dport 80 -j DROP
iptables -A INPUT -i eth1 -s 0/0 -d 0/0 -p tcp --dport 80 -j ACCEPT
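
An added example, not part of either post above: INPUT rules only cover traffic addressed to the gateway itself, while connections to a host behind it pass through nat PREROUTING and filter FORWARD, so publishing the web server takes a DNAT rule plus a matching FORWARD accept under a default-drop policy. The function name, the use of MASQUERADE in place of the SNAT address, and eth1 as the LAN interface are assumptions; the script only prints a ruleset in iptables-restore format.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset and applies nothing.
# Assumptions: eth0 = internet side, eth1 = LAN side, 192.168.0.2 = Apache host.

gen_ruleset() {
    ext_if=$1; int_if=$2; web_ip=$3
    # Refuse obviously wrong input before emitting any rules
    case $web_ip in
        ''|*[!0-9.]*) echo "bad web server address: $web_ip" >&2; return 1 ;;
    esac
    [ "$ext_if" != "$int_if" ] || { echo "interfaces must differ" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Inbound HTTP arriving on the internet side is rewritten to the web server
-A PREROUTING -i $ext_if -p tcp --dport 80 -j DNAT --to-destination $web_ip:80
# Outbound LAN traffic leaves with the gateway's public address
-A POSTROUTING -o $ext_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Gateway itself: replies, loopback, and new connections from the LAN only
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i $int_if -m state --state NEW -j ACCEPT
# Routed traffic: replies, LAN-initiated connections, HTTP to the web server
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $int_if -o $ext_if -m state --state NEW -j ACCEPT
-A FORWARD -i $ext_if -o $int_if -p tcp -d $web_ip --dport 80 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the layout described in the thread
gen_ruleset eth0 eth1 192.168.0.2
```

To load it, pipe the output to `iptables-restore` as root and keep `ip_forward` set to 1 as in the original script.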