Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Iptables help required
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Iptables help required

arpanjotarpanjot Member
edited October 2016 in Help

Hello Everyone

Was working with iptables on a new machine and I am facing some problem in implementing the rules.Please find the config below

Chain INPUT (policy ACCEPT)

target prot opt source destination

DROP tcp -- anywhere anywhere tcp dpt:https

DROP tcp -- anywhere anywhere tcp dpt:http

Chain FORWARD (policy ACCEPT)

target prot opt source destination

DOCKER-ISOLATION all -- anywhere anywhere

DOCKER all -- anywhere anywhere

ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED

ACCEPT all -- anywhere anywhere

ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

Chain DOCKER (1 references)

target prot opt source destination

ACCEPT tcp -- anywhere 172.17.0.2 tcp dpt:https

ACCEPT tcp -- anywhere 172.17.0.2 tcp dpt:http

Chain DOCKER-ISOLATION (1 references)

target prot opt source destination

RETURN all -- anywhere anywhere

Chain f2b-sshd (0 references)

target prot opt source destination

RETURN all -- anywhere anywhere

Despite dropping all http and https connections,I am still able to access the website using the IP of the vps.I remember using similar configurations on another vps and things worked there.Any idea what I am missing? A hint or some advice will be really helpful.

Comments

  • arpanjotarpanjot Member
    edited October 2016

    update- iptables -A INPUT -p tcp --dport 80 -j DROP

    this rule worked on another vps but fails to load with docker installed on current vps running discourse.

  • There is error in the first line...

Sign In or Register to comment.