I'm having problems with iptables not doing what I want :(
I have an Ubuntu computer set up as a bridge between the gateway and the LAN, with the LAN connected to eth0 and eth1 connected to the gateway.
I'm trying to get it to basically block everything incoming except for the ports I specify (www, smtp, etc.), but also allow outgoing traffic. I've found, tried and modified some examples I found on the web, but it still won't block incoming traffic (i.e. I'm still able to reach my webserver).
These are the rules I'm running now, and I can't figure out why it won't block incoming:
iptables -S gives me
Any advice on what I'm doing wrong is appreciated :(
Did you try:
iptables --policy FORWARD DROP
and just allow the ports you want
iptables -A FORWARD -i $LAN_IFACE -o $EXT_IFACE -p tcp --dport 80 -j ACCEPT
answered 03 May '10, 00:37
Using physdev seems to make it work:
Many thanks to SuperJediWombat! and TimothyEBaldwin on linuxquestions.org forum!
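Putting the two pieces together (the answer's default-DROP FORWARD policy with a port whitelist, and the physdev match the follow-up says made it work on a bridge), here is an added example of a complete ruleset. It is not the original poster's rule set, which is not shown on the page; eth0 as the LAN port, eth1 as the gateway port and TCP ports 80 and 25 are assumptions taken from the question.

```shell
#!/bin/sh
# Added example, not the poster's own rules: a bridge firewall that drops
# everything forwarded in from the gateway side except whitelisted TCP ports,
# while allowing anything the LAN side originates plus the replies to it.
# eth0 (LAN) / eth1 (gateway) and the ports 80 and 25 are assumptions
# taken from the question; adjust them for your bridge.

# Emit an iptables-restore ruleset for the filter table.
# Frames crossing a Linux bridge traverse the FORWARD chain (as long as
# net.bridge.bridge-nf-call-iptables=1), but -i/-o there see the bridge
# device, not its member ports, so the physdev match is what tells the
# two sides apart.
build_ruleset() {
    lan=$1
    ext=$2
    shift 2                      # remaining arguments: allowed TCP ports

    printf '%s\n' '*filter'
    printf '%s\n' ':INPUT ACCEPT [0:0]'
    printf '%s\n' ':FORWARD DROP [0:0]'   # default: nothing crosses the bridge
    printf '%s\n' ':OUTPUT ACCEPT [0:0]'

    # LAN -> gateway: all outgoing traffic is allowed
    printf '%s\n' "-A FORWARD -m physdev --physdev-in $lan --physdev-out $ext -j ACCEPT"

    # gateway -> LAN: only replies to connections the LAN side started ...
    printf '%s\n' "-A FORWARD -m physdev --physdev-in $ext --physdev-out $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

    # ... plus new connections to the whitelisted ports
    for port in "$@"; do
        printf '%s\n' "-A FORWARD -m physdev --physdev-in $ext --physdev-out $lan -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done

    printf '%s\n' 'COMMIT'
}

LAN_IFACE=eth0                   # assumption: LAN side of the bridge
EXT_IFACE=eth1                   # assumption: gateway side of the bridge
ALLOWED_TCP_PORTS="80 25"        # www, smtp

# With --apply the ruleset is loaded atomically (needs root and the bridge
# already up); otherwise it is only printed so you can review it first.
if [ "${1:-}" = "--apply" ]; then
    build_ruleset "$LAN_IFACE" "$EXT_IFACE" $ALLOWED_TCP_PORTS | iptables-restore
else
    build_ruleset "$LAN_IFACE" "$EXT_IFACE" $ALLOWED_TCP_PORTS
fi
```

Two checks worth doing after loading it: `sysctl net.bridge.bridge-nf-call-iptables` must be 1 (on newer kernels that means the br_netfilter module is loaded), or bridged frames never reach iptables at all and every FORWARD rule is silently ignored, which would reproduce the "still able to reach my webserver" symptom; and `iptables -S FORWARD` should show the DROP policy with the physdev rules, not rules that mention the bridge's member ports with -i/-o. Note also that this only filters traffic crossing the bridge; the INPUT chain is still ACCEPT, so the bridge host's own IP address is not protected by these rules.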