ikevin 2017-01-26 03:32:29
ikevin 2017-01-26 03:33:11
jamesp_, iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
jamesp_ 2017-01-26 03:37:49
ok will give it a try
jamesp_ 2017-01-26 03:39:59
ACCEPT tcp -- anywhere anywhere tcp dpt:http state RELATED,ESTABLISHED
jamesp_ 2017-01-26 03:40:07
still not getting the website showing though
ikevin 2017-01-26 03:40:23
you have set all in 1 rule?
jamesp_ 2017-01-26 03:40:38
yes
jamesp_ 2017-01-26 03:40:43
is that not right?
ikevin 2017-01-26 03:40:47
do it on 2 rules
jamesp_ 2017-01-26 03:40:52
righto
ikevin 2017-01-26 03:41:22
if it's not working, be sure it's http and not https
jamesp_ 2017-01-26 03:41:36
working! - so if i block port 80 now that forward will stop?
ikevin 2017-01-26 03:42:05
if you want to stop the forward, just remove the forward rule
jamesp_ 2017-01-26 03:42:32
ok so ive got this
jamesp_ 2017-01-26 03:42:35
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
jamesp_ 2017-01-26 03:42:35
ACCEPT tcp -- anywhere anywhere tcp dpt:https
jamesp_ 2017-01-26 03:42:42
yes i know its https :)
jamesp_ 2017-01-26 03:42:46
but 80 is still working
ikevin 2017-01-26 03:43:43
look like ok, 2nd rule allow new connection, 1st rule allow if connection is already established
jamesp_ 2017-01-26 03:44:25
im lost, sorry im not the best at iptables lol
jamesp_ 2017-01-26 03:44:38
i jsut wanna be able to filter out ports so they can be blocked before the NAT takes over
jamesp_ 2017-01-26 03:45:01
so only port 80,442 goes to one server but only 22 might go to another server