
exalik 04-07-2003 03:35 AM

Iptables rules priority

I would like to block many ports on my Linux machine, but I have a rule that accepts connections which have been established by computers from my subnet.

For example, if I would like to block port 139 and a computer in my network area tries to connect to the internet through this port, is the connection accepted by the Linux server?


Sutekh 04-18-2003 11:50 PM

I assume you mean that your current setup allows for connections based on the state, that is, that if a local machine has initiated the connection then you will accept the response, but in this case you want to specifically block all connections to port 139.

Assuming this is what you are trying to do, all you need to do is put a rule in to block this port before the rule that checks the state. The iptables rules are handled in order: if the conditions of rule number 1 are not met then it goes to rule number 2, if they are not met it goes to rule number 3, and so on until it gets to the bottom of all the rules. If it has not made a match at this stage then it does whatever is specified in the policy for that chain.
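The ordering described in the answer above can be checked mechanically against a saved ruleset. This is an added example, not part of the original thread; it assumes the forwarding case (FORWARD chain), a constructed subnet 192.168.1.0/24, a state rule that also accepts NEW connections, and a hypothetical helper name `drop_precedes_state`.

```shell
#!/bin/sh
# Added example: verify rule order in `iptables -S` style output.
# Both listings are constructed samples, not taken from the thread.

# State rule first: packets to port 139 from the subnet match the ACCEPT
# rule and never reach the DROP rule below it.
RULES_STATE_FIRST='-P FORWARD DROP
-A FORWARD -s 192.168.1.0/24 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 139 -j DROP'

# DROP first, as the answer advises: port 139 is dropped before the state
# rule is consulted; anything matching no rule falls through to the policy.
RULES_DROP_FIRST='-P FORWARD DROP
-A FORWARD -p tcp -m tcp --dport 139 -j DROP
-A FORWARD -s 192.168.1.0/24 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT'

# drop_precedes_state CHAIN PORT  (hypothetical helper)
# Reads `iptables -S` output on stdin. Exit status:
#   0  a DROP for --dport PORT comes before any state-based ACCEPT in CHAIN
#   1  a state-based ACCEPT comes first, so it can shadow the DROP
#   2  no DROP rule for PORT exists in CHAIN
drop_precedes_state() {
    awk -v chain="$1" -v port="$2" '
        $1 == "-A" && $2 == chain {
            n++
            is_drop  = ($NF == "DROP" && $0 ~ ("--dport " port "( |$)"))
            is_state = ($NF == "ACCEPT" && $0 ~ /--state|--ctstate/)
            if (is_drop && !drop)   drop = n
            if (is_state && !state) state = n
        }
        END {
            if (!drop) exit 2
            if (state && state < drop) exit 1
            exit 0
        }'
}

# Run the check on both constructed listings.
printf '%s\n' "$RULES_STATE_FIRST" | drop_precedes_state FORWARD 139 \
    && echo "state-first: ok" || echo "state-first: DROP is shadowed"
printf '%s\n' "$RULES_DROP_FIRST" | drop_precedes_state FORWARD 139 \
    && echo "drop-first: ok" || echo "drop-first: DROP is shadowed"

# On a live system (needs root): iptables -S FORWARD | drop_precedes_state FORWARD 139
```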

All times are GMT -5.