Wed Nov 1 13:49:09 CET 2006

I want to do the following: accept incoming connections from only
restricting to ports 80,22

Is this correct?

-P rules ...
-F rules ...
/sbin/iptables -A FORWARD -d -j ACCEPT
/sbin/iptables -A FORWARD -s -j ACCEPT
/sbin/iptables -A INPUT -s -j ACCEPT
/sbin/iptables -A FORWARD -m multiport -p tcp --ports 80,22 -j ACCEPT
/sbin/iptables -A INPUT -m multiport -p tcp --ports 80,22 -j ACCEPT

Even though I saw this setup in many tutorials/howtos, whenever I want
to block (by not listing him in the INPUT -j ACCEPT), that IP
can still connect to ports 80 and 22.
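
Added example, not part of the original post: iptables takes the first matching rule, so an ACCEPT rule that tests only the port admits every source address regardless of any -s rules before it. The sketch below lints for such rules and prints a variant that puts the source and port tests in one rule; the function names and the address 192.0.2.10 (RFC 5737 documentation range) are constructed, and only the INPUT chain is covered.

```shell
#!/bin/sh
# Constructed sample address, not taken from the post.
ALLOWED_SRC="192.0.2.10"

# Print INPUT rules that admit only source $1 to TCP ports $2.
restricted_rules() {
    src="$1"; ports="$2"
    echo "-P INPUT DROP"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Source and port are tested in ONE rule, so both must match.
    # --dports tests the destination port only; multiport's --ports
    # also matches when the *source* port is 80 or 22.
    echo "-A INPUT -s $src -p tcp -m multiport --dports $ports -j ACCEPT"
}

# Lint: read rules on stdin and print every ACCEPT rule that tests a
# port but names no source. Such a rule lets any address reach the port.
open_port_rules() {
    while IFS= read -r rule; do
        case "$rule" in
            *"-j ACCEPT"*) ;;
            *) continue ;;
        esac
        case "$rule" in
            *"--ports "*|*"--dports "*|*"--dport "*) ;;
            *) continue ;;
        esac
        case " $rule " in
            *" -s "*|*" --source "*) continue ;;
        esac
        printf '%s\n' "$rule"
    done
}

# Show the restricted rule set and confirm the lint finds nothing in it.
restricted_rules "$ALLOWED_SRC" 80,22
restricted_rules "$ALLOWED_SRC" 80,22 | open_port_rules
```

Each printed line is an argument list for /sbin/iptables; feeding the post's last INPUT rule to open_port_rules reports it as open to any source.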


