LinuxQuestions.org


abefroman 07-17-2007 04:58 PM

not work: iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 3306 -j DROP
 
This IP tables command is still letting connections through other than myip:
iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp -s myip/32 --dport 3306 -j ACCEPT
iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 3306 -j DROP

Why isn't that working?

rossonieri#1 07-18-2007 08:19 AM

Hi,

What policy do you have for INPUT? DROP or ACCEPT?
And please set your blocked interface and turn on logging - easier to troubleshoot.
In your rule - even your loopback address can't connect to your SQL.

HTH.
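
Added example, not part of the thread or either poster's code: one way to follow the advice above is to read the chain policy and find which rule a new connection to port 3306 hits first, since iptables stops at the first terminating match. The ruleset is constructed for illustration (192.0.2.10 stands in for "myip"), `first_verdict` is a hypothetical helper, and it only understands the `-s`, `-i`, `-p`, `--dport`, `--state`/`--ctstate`, `-m` and `-j` options.

```bash
#!/usr/bin/env bash
# Constructed `iptables -S INPUT` output (not from the thread).
# An earlier broad ACCEPT (rule 4) sits in front of the 3306 DROP (rule 5).
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p tcp -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j DROP'

# first_verdict SRC_IP IFACE DPORT
# Reads `iptables -S INPUT` text on stdin and prints "<rule-number> <target>"
# for the first rule matching a NEW TCP packet, or "policy <target>" if none does.
first_verdict() {
  awk -v src="$1" -v ifc="$2" -v dport="$3" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      n++; ok = 1; target = ""
      for (i = 3; i <= NF; i++) {
        if      ($i == "-s")      { if ($(i+1) != (src "/32")) ok = 0; i++ }
        else if ($i == "-i")      { if ($(i+1) != ifc) ok = 0; i++ }
        else if ($i == "-p")      { if ($(i+1) != "tcp") ok = 0; i++ }
        else if ($i == "--dport") { if ($(i+1) != dport) ok = 0; i++ }
        else if ($i == "--state" || $i == "--ctstate") {
          if (("," $(i+1) ",") !~ /,NEW,/) ok = 0; i++
        }
        else if ($i == "-m")      { i++ }               # module name, no match logic
        else if ($i == "-j")      { target = $(i+1); i++ }
        else                      { ok = 0 }            # unknown option: treat as non-matching
      }
      # Only terminating targets end the walk; LOG and similar fall through.
      if (ok && (target == "ACCEPT" || target == "DROP" || target == "REJECT")) {
        print n, target; found = 1; exit
      }
    }
    END { if (!found) print "policy", policy }
  '
}

# A stranger on eth0 is accepted by rule 4, so the DROP at position 5 is never reached.
printf '%s\n' "$SAMPLE_RULES" | first_verdict 203.0.113.7 eth0 3306
```

On a live host the same function can be fed from `iptables -S INPUT` run as root.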

