[lug] IPTables question
Lee Woodworth
blug-mail at duboulder.com
Fri Sep 7 10:42:58 MDT 2007
Does anyone have an idea why this packet is dropped (firewall rules subset at end)?
It's only this type of packet that gets dropped from an HTTP connection.
IN= OUT=eth0 SRC=66.17.169.78 DST=63.88.212.82 LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=48635 DF PROTO=TCP SPT=38836 DPT=80 WINDOW=92 RES=0x00 ACK PSH FIN URGP=0
.....
-A OUTPUT -p tcp --sport 1024:65535 --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --sport 80 --dport 1024:65535 ! --syn -m state --state ESTABLISHED -j ACCEPT
-A INPUT -j LOG
-A INPUT -j DROP
-A INPUT -j LOG
-A OUTPUT -j DROP
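
As an added example that is not part of the original post: a small parser for the logged packet that tests it against the criteria of the posted OUTPUT accept rule that do not depend on connection tracking. The function names are hypothetical, and the conclusion assumes only the rules shown in the post, since the full rule set is elided.

```python
# Logged packet from the post, joined onto one line.
LOG_LINE = (
    "IN= OUT=eth0 SRC=66.17.169.78 DST=63.88.212.82 LEN=64 TOS=0x00 PREC=0x00 "
    "TTL=64 ID=48635 DF PROTO=TCP SPT=38836 DPT=80 WINDOW=92 RES=0x00 "
    "ACK PSH FIN URGP=0"
)
TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}


def parse_log(line):
    """Return (fields, flags): KEY=VALUE pairs and the bare TCP flag tokens."""
    fields, flags = {}, set()
    for tok in line.split():
        key, sep, val = tok.partition("=")
        if sep:
            fields[key] = val          # "IN=" yields an empty string
        elif tok in TCP_FLAGS:
            flags.add(tok)             # DF and other bare tokens are skipped
    return fields, flags


def stateless_checks(fields):
    """Criteria of the posted OUTPUT accept rule that need no conntrack state:
    -A OUTPUT -p tcp --sport 1024:65535 --dport 80 ..."""
    return {
        "OUTPUT chain": fields.get("IN") == "" and fields.get("OUT", "") != "",
        "-p tcp": fields.get("PROTO") == "TCP",
        "--sport 1024:65535": 1024 <= int(fields.get("SPT", 0)) <= 65535,
        "--dport 80": int(fields.get("DPT", 0)) == 80,
    }


def failing_criteria(fields):
    """Names of stateless criteria the packet fails (empty list: all match)."""
    return [name for name, ok in stateless_checks(fields).items() if not ok]


if __name__ == "__main__":
    fields, flags = parse_log(LOG_LINE)
    print("TCP flags:", sorted(flags))
    for name, ok in stateless_checks(fields).items():
        print(f"{name:20} {'match' if ok else 'NO MATCH'}")
    if not failing_criteria(fields):
        print("Only '-m state --state NEW,ESTABLISHED' is left to explain the miss.")
```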