LinuxQuestions.org

Iptables prevents HTTPS (https://www.linuxquestions.org/questions/linux-newbie-8/iptables-prevents-https-4175498740/)

Smokey_justme 03-19-2014 01:25 PM

We're not here to reply without reading what others said in the last page (at least)... If you had read, you would have seen that your post actually contradicts mine.. And that's fine, if it brings something new to the table or, at least, correct..

As for spoon feeding, NotionCommotion actually took my advice (and even corrected one of my lines-- correctly) and others and applied it to his needs without being spoon-fed..

So, who's out of line here? ;)

prayag_pjs 03-19-2014 01:43 PM

You are great Mr. I am the FOOL...

Smokey_justme 03-19-2014 01:48 PM

Yeah.. bye bye now..

NotionCommotion 03-19-2014 02:44 PM

Quote:

Originally Posted by Smokey_justme (Post 5137520)
No, it shouldn't.. Please read his first post.. This would add a rule after a DROP rule.. ;)

So, the -A will append a rule at the bottom, correct? Please explain where the DROP rule is, and the effect by adding a rule after a DROP rule.

Smokey_justme 03-19-2014 03:52 PM

First off, in your case it is a REJECT rule ... DROP is just more common and it stood on my tongue.. DROP simply drops the package (and is actually what makes the firewall work), while REJECT drops the package but also sends back an error message to the host that tried to connect to you.. (see: http://www.linuxtopia.org/Linux_Fire...les/x4550.html)

Basically this line:

Quote:

REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

is equivalent to a command line like:

Code:

iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited

Every rule put after (yes, -A appends -- puts the rule on the bottom) would be of no use, since a final action has been taken with that package..

Here's a tutorial for iptables to find out more.. https://www.frozentux.net/iptables-t...-tutorial.html
However, for starters, some small read like this should be enough: https://wiki.archlinux.org/index.php/iptables
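
The ordering problem described in the post above (a rule appended with -A below the catch-all REJECT never matches), as an added example that is not part of the thread. The ruleset is a constructed sample in `iptables -S INPUT` format and the function names are hypothetical; the script only prints a suggested command and changes nothing.

```shell
#!/bin/sh
# Constructed sample in `iptables -S INPUT` format (not taken from the thread):
# the HTTPS rule was added with -A and landed below the catch-all REJECT.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT'

# Print the 1-based number of the first rule in the chain that has no match
# conditions and jumps straight to REJECT or DROP. Prints nothing if none.
first_catch_all() {
    awk -v chain="${1:-INPUT}" '
        $1 == "-A" && $2 == chain {
            n++
            if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) { print n; exit }
        }'
}

# Print every rule that sits below the catch-all and so can never match.
shadowed_rules() {
    awk -v chain="${1:-INPUT}" '
        $1 == "-A" && $2 == chain {
            n++
            if (hit) { print n ": " $0 } else if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) { hit = 1 }
        }'
}

# Build (do not run) the command that places a rule spec above the catch-all.
# $1 = ruleset text, $2 = chain, remaining arguments = rule spec.
suggest_insert() {
    rules=$1; chain=$2; shift 2
    pos=$(printf '%s\n' "$rules" | first_catch_all "$chain")
    if [ -n "$pos" ]; then
        echo "iptables -I $chain $pos $*"   # -I with a number inserts before that rule
    else
        echo "iptables -A $chain $*"        # no catch-all: appending is safe
    fi
}

printf '%s\n' "$SAMPLE_RULES" | shadowed_rules INPUT
suggest_insert "$SAMPLE_RULES" INPUT -p tcp --dport 443 -j ACCEPT
```

On a live host the same functions read the real chain, for example `iptables -S INPUT | shadowed_rules INPUT`.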


All times are GMT -5.