[clug] iptables won't let www/http traffic through

Rousak, Boris Boris.Rousak at actewagl.com.au
Fri Jun 25 05:03:50 GMT 2004


I use the following script to flush my rules (borrowed from wherever it
states :) ):

#!/bin/sh
# 
# rc.flush-iptables - Resets iptables to default values. 
# 
# Copyright (C) 2001  Oskar Andreasson <bluefluxATkoffeinDOTnet>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program or from the site that you downloaded it
# from; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA  02111-1307   USA

#
# Configurations
#
IPTABLES="/usr/sbin/iptables"

#
# reset the default policies in the filter table.
#
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P OUTPUT ACCEPT

#
# reset the default policies in the nat table.
#
$IPTABLES -t nat -P PREROUTING ACCEPT
$IPTABLES -t nat -P POSTROUTING ACCEPT
$IPTABLES -t nat -P OUTPUT ACCEPT

#
# reset the default policies in the mangle table.
#
$IPTABLES -t mangle -P PREROUTING ACCEPT
$IPTABLES -t mangle -P OUTPUT ACCEPT

#
# flush all the rules in the filter, nat and mangle tables.
#
$IPTABLES -F
$IPTABLES -t nat -F
$IPTABLES -t mangle -F
#
# erase all chains that are not default in the filter, nat and mangle tables.
#
$IPTABLES -X
$IPTABLES -t nat -X
$IPTABLES -t mangle -X

Cheers for the udp tip.

Boris

-----Original Message-----
From: Michael Still [mailto:mikal at stillhq.com] 
Sent: Friday, 25 June 2004 12:28 PM
To: Rousak, Boris
Cc: CLUG
Subject: Re: [clug] iptables won't let www/http traffic through

Rousak, Boris wrote:

> However every time I try to open port 80 both TCP and UDP for the WWW I
> can't get my browser to see anything. 

You don't need UDP here. Could you send us a copy of the iptables 
commands you're using to flush the table, and then populate your rules?

(That's a common gotcha. Perhaps you're adding new rules to the end of 
the table, without flushing out the old rules first).

Cheers,
Mikal

-- 

Michael Still (mikal at stillhq.com) | "All my life I've had one dream,
http://www.stillhq.com            |  to achieve my many goals"
UTC + 10                          |    -- Homer Simpson
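
The gotcha Mikal describes, as an added example that is not part of either email: iptables walks a chain top to bottom and the first terminal match decides, so an ACCEPT appended with -A behind a leftover catch-all DROP is never reached. The two listings are constructed samples in `iptables -S INPUT` format, and the matcher is a simplification that skips any rule using matches other than -p and --dport.

```shell
#!/bin/sh
# Added example: report which INPUT rule decides a new TCP connection to PORT.
# Input is `iptables -S INPUT` text on stdin; output is "RULE_NUMBER TARGET"
# (rule number 0 means no rule matched and the chain policy applied).
first_verdict() {
    awk -v port="$1" '
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" {
        n++; proto = "all"; dport = ""; target = ""; known = 1
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(++i)
            else if ($i == "--dport") dport = $(++i)
            else if ($i == "-m" && $(i + 1) == "tcp") i++
            else if ($i == "-j") { target = $(++i); break }
            else known = 0          # -i, -s, -m state ...: not modelled here
        }
        if (!known) next                              # assumption: skip it
        if (proto != "all" && proto != "tcp") next
        if (dport != "" && dport != port) next
        if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
            print n, target; found = 1; exit
        }
    }
    END { if (!found) print 0, policy }'
}

# Constructed sample: old rules were never flushed, port 80 was added with -A.
STALE='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'

# Constructed sample: chain flushed first, then the full rule set reloaded.
CLEAN='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j DROP'

echo "stale chain, port 80: $(printf '%s\n' "$STALE" | first_verdict 80)"
echo "clean chain, port 80: $(printf '%s\n' "$CLEAN" | first_verdict 80)"
```

On a live system, `iptables -L INPUT -n -v --line-numbers` shows the same ordering along with per-rule packet counters, which reveal which rule is actually taking the traffic.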
