May have messed up iptables rules

ben_tvpp
Posts: 10
Joined: 2018/12/04 13:28:51

May have messed up iptables rules

Post by ben_tvpp » 2018/12/06 18:20:54

First time I set up rules and used https://www.digitalocean.com/community/ ... n-centos-6 as a template.

I can still ssh in - phew - but yum hangs on 'Loading mirror speeds from cached hostfile' so I figure I may have got them wrong (stopping iptables sorts the problem so I definitely got it wrong). This is the first time I've tried to set up a firewall.

The rules are:
Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x00
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x3F
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:110
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:995
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:465
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8080

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

In the router there is a forward for port 80 (which I believe yum used). The port on the server is 80 but the external port forward is 8080 (which is why this is added), although my gut tells me this is not needed.

Any idea what I have done wrong (and how to fix it)?

Ben

TrevorH
Forum Moderator
Posts: 24052
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: May have messed up iptables rules

Post by TrevorH » 2018/12/06 22:13:39

Post the output from the iptables-save command run as root.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke
