GNU bug report logs - #48753
iptables example update
Reported by: Eric Brown <ecbrown <at> ericcbrown.com>
Date: Sun, 30 May 2021 21:08:01 UTC
Severity: normal
Done: Arun Isaac <arunisaac <at> systemreboot.net>
Bug is archived. No further changes may be made.
Hi Eric,
> Thank you for applying the patch, I think it’s much better. Truthfully
> I am relieved that you are an iptables newbie and so am I!
:-P
> I think there could still be some work done to this recommendation.
> For example, when I use this updated iptables firewall selection, I am
> unable to telnet into ports open on localhost. An example is that I
> am a heavy user of VNC/SSH tunnel connections and it doesn’t let me do
> that, it blocks e.g. port 5902. (A similar naive rule in nftables
> does let this work!!!)
I'm not able to reproduce this. I built and started a container with an
ssh server on port 5902. And, I was able to connect fine with
telnet. Could you describe the precise steps, configuration, etc. to
reproduce this issue?
> But so many examples are given in iptables (esp. WireGuard stuff) and
> so if you have no objections, I would like to take a further look and
> maybe even ask around as to what the ‘ufw allow ssh’ behavior
> vis-a-vis iptables best practices.
Sure, please do! You don't need my permission for that! :-)
Regards,
Arun
This bug report was last modified 3 years and 342 days ago.