How to block high ports in iptables? [SOLVED]
Hello LQ community.
I have a personal iptables configuration on my PC where I use the DROP policy for INPUT (iptables -P INPUT DROP). The only port I am allowing is 22 (ssh), but I wonder how high ports above 60000 can be accessed since I have a strict policy for incoming traffic. In fact, I have a squid listening on port 60001 and I can connect to it even with the DROP policy in my iptables.
I have been researching hard on Google about it but I cannot find anything related that solves my doubts.
So my questions are:
1. Why are the high ports open even if I have the INPUT policy restricted to DROP?
2. If there's any reason for these ports not to be opened by default, what's the reason for that?
3. Finally, how could I really drop ALL the incoming traffic using iptables?
Thank you very much for your help!
Last edited by sparc86; 12-01-2008 at 07:53 PM.