• Registered: 2008-08-03
  • Posts: 1

Topic: IPTables config to work with existing web server

Hi Guys, wondering if anyone can help me with configuration of iptables, i have a fedora machine which i currently use as a web server, when i load the chilli.iptables file, chillispot works but my web server is blocked..

Any help would be much appreciated..

Cheers,
Branko

  • From: Thailand
  • Registered: 2008-06-19
  • Posts: 159

Re: IPTables config to work with existing web server

How do you connect to your server from outside or inside?

this my config

EXTIF="eth0"
INTIF="eth1"

$IPTABLES -P INPUT DROP
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P OUTPUT ACCEPT



#Allow related and established on all interfaces (input)
$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

#Allow releated, established and ssh on $EXTIF. Reject everything else.
$IPTABLES -A INPUT -i $EXTIF -p tcp -m tcp --dport 22 --syn -j ACCEPT
$IPTABLES -A INPUT -i $EXTIF -p tcp -m tcp --dport 80 --syn -j ACCEPT
$IPTABLES -A INPUT -i $EXTIF -j REJECT

#Allow related and established from $INTIF. Drop everything else.
$IPTABLES -A INPUT -i $INTIF -j DROP

#Allow http and https on other interfaces (input).
#This is only needed if authentication server is on same server as chilli
$IPTABLES -A INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT

some thing like this....

easyzonecorp's Website