LinuxQuestions.org - not work: iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 3306 -j DROP

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - not work: iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 3306 -j DROP (https://www.linuxquestions.org/questions/linux-security-4/not-work-iptables-i-input-5-m-state-state-new-m-tcp-p-tcp-dport-3306-j-drop-570213/)

abefroman

07-17-2007 04:58 PM

not work: iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 3306 -j DROP

This IP tables command is still letting connections through other than myip:
iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp -s myip/32 --dport 3306 -j ACCEPT
iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 3306 -j DROP

Why isnt that working?

rossonieri#1

07-18-2007 08:19 AM

hi,

what policy you have for the INPUT? DROP or ACCEPT?
and, pls set your blocked interface and turn on logging - easier to troubleshoot.
in your rule - even your loopback address cant connect to your sql.

HTH.

All times are GMT -5. The time now is 01:02 PM.