Linux - General
This Linux forum is for general Linux questions and discussion.
If it is Linux related and doesn't seem to fit in any other forum then this is the place.
What are the default policies for the intended chain? What rules appear ahead of this one?
The effect of any single iptables rule can not be understood in isolation. A better description of what you are actually trying to accomplish, and a more complete description of your rules would be necessary for anyone to provide an answer.
If not overly long, posting the output of iptables -L -n would be a good place to start.
We have millions of users who connect to our sites but only several back-end services. This is why I would like to limit the TCP connections in order to create one realistic (back-end) test.
Please place your code snippets inside [CODE]...[/CODE] tags for better readability. You may type those yourself or click the "#" button in the edit controls.
Your description does not provide any useful information. Please see the Site FAQ, in particular this page and the links in it, for help in asking a better question.
The tools and your traffic patterns are not relevant to the question. Are you trying to limit incoming connections to your server, or outgoing connections to remote HTTP servers?
The rules you have posted will allow all incoming and outgoing traffic, nothing will be limited.
The INPUT chain ACCEPTS everything.
The OUTPUT chain ACCEPTS anything which matches your single rule, as well as anything which does not match it.
If you are not familiar with iptables usage, this Iptables How To may be a good place to start. You may also find many other resources online.
Very basically, the way iptables rules work is this:
1. Each packet is tested by each rule beginning at top of a chain (INPUT, OUTPUT, etc.). If it matches the rule it is handled by the target of that rule, ACCEPT, REJECT, DROP, another chain...
2. If it does not match a rule, it continues to the next rule, but first match determines the packet's fate.
3. If it reaches the end of the chain without matching any rule, its fate is determined by the default policy.
In your case, the default policy of the OUTPUT chain is ACCEPT, and your single rule's target is also ACCEPT. Hence, if it matches it is accepted, and if it does not match it is accepted.
The minimum you would need to do to enforce the rule would be to set the default policy to DROP. That way packets matching your rule would be accepted, all others would be dropped.
We must have posted at the same time... see post above your last...
Using REJECT with a default policy of ACCEPT would work as well.
Selecting a default policy is very important (and the place to start). But drop-everything plus accept-what-you-want-rules is almost always the better approach.
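The three chain-traversal rules above, and the two fixes proposed in the replies (policy DROP, or a trailing REJECT rule with policy ACCEPT), can be checked with a small model of how a chain is walked. This is an added example, not code from any poster in the thread; it assumes the poster's single rule matches TCP to port 80, since the thread never shows the actual rule, and the sample packets are constructed.

```python
"""Toy model of iptables chain traversal: the first matching rule's target
decides, and a packet that matches no rule gets the chain's default policy.
Added example, not code from the thread. The rule body (TCP to port 80) is
an assumption; the thread never shows the poster's actual rule."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp", "udp", ...
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    target: str                   # ACCEPT, DROP or REJECT (-j <target>)
    proto: Optional[str] = None   # None means "any protocol" (no -p)
    dport: Optional[int] = None   # None means "any port" (no --dport)

    def matches(self, pkt: Packet) -> bool:
        return ((self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


@dataclass
class Chain:
    policy: str                                 # iptables -P <chain> <policy>
    rules: list = field(default_factory=list)   # iptables -A <chain> ... in order


def verdict(chain: Chain, pkt: Packet) -> str:
    """Walk the chain top to bottom; the first rule that matches settles the
    packet's fate, and only a packet matching nothing falls to the policy."""
    for rule in chain.rules:
        if rule.matches(pkt):
            return rule.target
    return chain.policy


# The situation described in the thread: policy ACCEPT plus one ACCEPT rule.
#   iptables -P OUTPUT ACCEPT
#   iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT   (rule body assumed)
def as_posted() -> Chain:
    return Chain(policy="ACCEPT", rules=[Rule("ACCEPT", proto="tcp", dport=80)])


# Fix 1: drop everything, accept what you want.
#   iptables -P OUTPUT DROP
#   iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
def drop_policy() -> Chain:
    return Chain(policy="DROP", rules=[Rule("ACCEPT", proto="tcp", dport=80)])


# Fix 2: keep policy ACCEPT, but REJECT everything after the wanted rule.
#   iptables -P OUTPUT ACCEPT
#   iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
#   iptables -A OUTPUT -j REJECT
def reject_rule() -> Chain:
    return Chain(policy="ACCEPT",
                 rules=[Rule("ACCEPT", proto="tcp", dport=80), Rule("REJECT")])


# Constructed sample packets, not taken from the thread.
SAMPLE = {
    "wanted": Packet("tcp", 80),
    "other_tcp": Packet("tcp", 443),
    "udp": Packet("udp", 53),
}


def evaluate(chain: Chain) -> dict:
    """Verdict for every sample packet, keyed by the sample's label."""
    return {name: verdict(chain, pkt) for name, pkt in SAMPLE.items()}


if __name__ == "__main__":
    for label, chain in (("as posted", as_posted()),
                         ("policy DROP", drop_policy()),
                         ("trailing REJECT", reject_rule())):
        print(f"{label:16} {evaluate(chain)}")
```

Running it shows the point made in the replies: with the chain as posted every sample packet comes back ACCEPT, so the rule has no effect, while either fix leaves only the wanted packet accepted. Swapping the order of the two rules in the REJECT variant would make the REJECT rule match first and block the wanted traffic too, which is the first-match-wins rule in practice.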