how? redirect apache2 outbound ports to specific ports w/iptables?
does all outbound have to be open for apache2 to operate?
Incoming is fine, however I'd like to block many outbound ports and only allow X-XX outbound or so for apache2 to send the content back to the incoming connections of which outbound ports are needed. The problem - apache2 uses too many outbound and random ports for this and the randomness is the problem and I'd like to make that random to known ports. I hope u get what I'm trying to say. I just can't figure out the rule.. :) if any..to do this...
Quote:
Code:
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
tried it and on ur -dport 80 rule I had to add -m state :/
other than that - it won't work except for a direct url, however since I'm trying to imitate access thru 3rd party like urself I opted to go thru an online proxy and with that - I can't access it without outbound ports directly open. the site I'm trying to test thru ie: the proxy is: http://www.unblocked.org/
1.) I'm using arno-iptables-firewall
2.) it won't let me post my arno-config
3.) I won't post my custom-rules - as it's just basic blocking of ad ips, proxy ips (no the proxy site is not blocked) + a few performance or whatever rules, ie: none in there should affect it to where it won't let the outside connect. I'll post a few snippets from the log soon.
Code:
droppedIN= OUT=ppp0 SRC=4.246.211.71 DST=67.159.45.52 LEN=60 TOS=0x00 PREC=0x00 TTL=255 ID=60653 PROTO=TCP SPT=80 DPT=58555 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Code:
droppedIN= OUT=ppp0 SRC=4.246.211.71 DST=67.159.45.52 LEN=60 TOS=0x00 PREC=0x00 TTL=255 ID=60663 PROTO=TCP SPT=80 DPT=34583 WINDOW=5792 RES=0x00 ACK SYN URGP=0
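An added example, not part of the thread: a small triage script for dropped-packet log lines like the two posted above. It separates the server's handshake replies (fixed source port, client-chosen destination port) from connections the host starts itself. The function names, the `service_ports` parameter and the third log line are constructed for illustration.

```python
import re

# The two log lines posted above, plus one constructed line (documentation
# addresses) showing a connection the host itself initiates, for contrast.
SAMPLE_LOG = """\
droppedIN= OUT=ppp0 SRC=4.246.211.71 DST=67.159.45.52 LEN=60 TOS=0x00 PREC=0x00 TTL=255 ID=60653 PROTO=TCP SPT=80 DPT=58555 WINDOW=5792 RES=0x00 ACK SYN URGP=0
droppedIN= OUT=ppp0 SRC=4.246.211.71 DST=67.159.45.52 LEN=60 TOS=0x00 PREC=0x00 TTL=255 ID=60663 PROTO=TCP SPT=80 DPT=34583 WINDOW=5792 RES=0x00 ACK SYN URGP=0
droppedIN= OUT=ppp0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1234 PROTO=TCP SPT=41000 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
"""

TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}
FIELD = re.compile(r"([A-Z]+)=(\S*)")

def parse(line):
    """Split a netfilter LOG line into key=value fields and bare TCP flags."""
    # The log prefix can be glued to IN= (as in "droppedIN="), so cut it off.
    body = line[line.index("IN="):]
    fields = dict(FIELD.findall(body))
    flags = {tok for tok in body.split() if tok in TCP_FLAGS}
    return fields, flags

def classify(line, service_ports=(80,)):
    """Label one dropped packet by its role in the TCP handshake."""
    f, flags = parse(line)
    # Only locally generated outbound TCP is of interest: OUT set, IN empty.
    if f.get("PROTO") != "TCP" or not f.get("OUT") or f.get("IN"):
        return "other"
    if {"SYN", "ACK"} <= flags and int(f["SPT"]) in service_ports:
        # Second step of a handshake the client started: the source is the
        # fixed service port, the destination is the client's ephemeral port.
        return "server-reply"
    if flags == {"SYN"}:
        return "host-initiated"
    return "other"

def summarize(log):
    """Return (label, SPT, DPT) for every packet line in the log text."""
    rows = []
    for line in log.splitlines():
        if "IN=" in line:
            fields, _ = parse(line)
            rows.append((classify(line), fields["SPT"], fields["DPT"]))
    return rows

if __name__ == "__main__":
    for label, spt, dpt in summarize(SAMPLE_LOG):
        print(f"{label:15} SPT={spt} DPT={dpt}")
```

Both posted lines come out as `server-reply`: the varying number is the client's port in `DPT`, while `SPT` stays 80. Connection tracking sees such replies as `ESTABLISHED`, so an OUTPUT-chain rule matching `--sport 80` with `-m state --state ESTABLISHED` covers them without opening outbound ports for new connections.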