Hello,
Following a recent thread on this list, I've configured my firewall to
allow incoming traffic from specific IPs only. Now I can't ssh
outside, could someone please explain why this is happening?
The system is redhat 4.
[root@prd-001 ~]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- xxx.114.183.1 anywhere
ACCEPT all -- yyy.8.145.182 anywhere
ACCEPT all -- zzz.68.137.158 anywhere
ACCEPT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@prd-001 ~]# iptables-save
# Generated by iptables-save v1.2.11 on Wed Aug 8 19:26:51 2007
*filter
:INPUT DROP [110564:24802104]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [637061:352312072]
-A INPUT -s xxx.114.183.1 -j ACCEPT
-A INPUT -s yyy.8.145.182 -j ACCEPT
-A INPUT -s zzz.68.137.158 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
# Completed on Wed Aug 8 19:26:51 2007
Trying to ssh to "aaa.bbb.216.35" fails with a timeout; looking at
tcpdump on the other side shows no TCP handshake is made.
Thank you for your help,
Maxim.
--
Cheers,
Maxim Veksler
"Free as in Freedom" - Do u GNU ?
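
An added example, not part of the original post: a small check over the iptables-save output shown above that flags a default-DROP INPUT chain with no rule accepting ESTABLISHED return traffic. With such a ruleset, replies from any host outside the allowed sources are dropped, so outbound connections such as ssh time out. The function names are hypothetical.

```python
import shlex

# iptables-save output copied from the post (addresses are masked there).
RULESET = """\
*filter
:INPUT DROP [110564:24802104]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [637061:352312072]
-A INPUT -s xxx.114.183.1 -j ACCEPT
-A INPUT -s yyy.8.145.182 -j ACCEPT
-A INPUT -s zzz.68.137.158 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
"""

def parse(text):
    """Return (policies, rules) for the filter table of iptables-save text."""
    policies, rules, table = {}, {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
            rules.setdefault(chain, [])
        elif table == "filter" and line.startswith("-A "):
            tokens = shlex.split(line)
            rules.setdefault(tokens[1], []).append(tokens[2:])
    return policies, rules

def accepts_replies(rule):
    """True for an ACCEPT rule matching ESTABLISHED packets (state or conntrack match).
    Other matches on the same rule (-s, -i, -p) are not evaluated here."""
    opts = dict(zip(rule, rule[1:]))  # option -> token that follows it
    states = opts.get("--state") or opts.get("--ctstate") or ""
    return opts.get("-j") == "ACCEPT" and "ESTABLISHED" in states.split(",")

def blocks_return_traffic(text):
    """Default-DROP INPUT with no ESTABLISHED accept: replies to outbound connections are dropped."""
    policies, rules = parse(text)
    if policies.get("INPUT") != "DROP":
        return False
    return not any(accepts_replies(r) for r in rules.get("INPUT", []))

if __name__ == "__main__":
    print("replies to outbound connections dropped:", blocks_return_traffic(RULESET))
```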