rackspace cloud centos 5.6 iptables question

akalinowski · Aug 22, 2011

simple question, why cant i get HTTP to work, i restarted iptables service and server, iptables file below:

Code:

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT

thanks.

akalinowski

http://www.olivelabs.com

akalinowski · Aug 22, 2011

solved my own problem

Code:

-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT

should be above

Code:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

akalinowski

http://www.olivelabs.com

lgarner · Aug 22, 2011

Actually it's

Code:

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

that was killing you.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

rackspace cloud centos 5.6 iptables question

akalinowski

IS-IT--Management

akalinowski

IS-IT--Management

lgarner

IS-IT--Management

Similar threads

Part and Inventory Search

Sponsor