Ganesh
#1
On my CentOS 6 I added iptables rules, such as setting the default policy to DROP for everything, like this:
iptables -P INPUT DROP
Then I allowed ports 22, 80 and 443 with these commands:
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
Now I can access SSH with PuTTY, but I can’t access the Internet. I need to know the exact problem here. Please help me.
What is the default OUTPUT policy set in iptables?
Ganesh
#3
The default OUTPUT policy is ACCEPT, but I can’t access the Internet.
Can you change the order? I mean, let the drop policy come further down the order, after all your accept policies.
Ganesh
#5
Thanks for the reply, guys. It’s working fine now after these commands.
> # Delete all existing rules
> iptables -F
> # Set default chain policies
> iptables -P INPUT DROP
> iptables -P FORWARD ACCEPT
> iptables -P OUTPUT ACCEPT
> # Allow incoming SSH
> iptables -A INPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
> iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
> # Allow outgoing DNS lookups (without it, you can't resolve server names to IPs)
> iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
> iptables -A INPUT -p udp --sport 53 -j ACCEPT
> # Allow outgoing HTTP traffic
> iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
> iptables -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
> # Allow outgoing HTTPS traffic
> iptables -A OUTPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
> iptables -A INPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
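An added example, not code from anyone in this thread: a small Python model of first-match evaluation in the INPUT chain, showing why the rules in post #1 let SSH in but dropped the replies to outgoing web and DNS requests, and why the rules in post #5 accept them. Assumptions: the interface match is ignored, conntrack states are supplied as labels, and ports 40000 and 9999 are constructed sample values.

```python
from collections import namedtuple

# Constructed packet as seen by INPUT: protocol, source port, dest port, conntrack state.
Packet = namedtuple("Packet", "proto sport dport state")

def rule(proto, sport=None, dport=None, states=None):
    """One ACCEPT rule; None means the rule does not match on that field."""
    return {"proto": proto, "sport": sport, "dport": dport, "states": states}

def verdict(chain, pkt, policy="DROP"):
    """ACCEPT on the first matching rule, otherwise fall through to the chain policy."""
    for r in chain:
        if (r["proto"] == pkt.proto
                and r["sport"] in (None, pkt.sport)
                and r["dport"] in (None, pkt.dport)
                and (r["states"] is None or pkt.state in r["states"])):
            return "ACCEPT"
    return policy

# INPUT chain from post #1: matches destination ports only.
ORIGINAL = [rule("tcp", dport=80), rule("tcp", dport=443), rule("tcp", dport=22)]

# INPUT chain from post #5: adds source-port rules for reply traffic.
FIXED = [
    rule("tcp", dport=22, states={"NEW", "ESTABLISHED"}),
    rule("udp", sport=53),
    rule("tcp", sport=80, states={"ESTABLISHED"}),
    rule("tcp", sport=443, states={"ESTABLISHED"}),
]

# Constructed sample packets; 40000 stands in for an ephemeral client port.
SAMPLES = {
    "ssh_in": Packet("tcp", 40000, 22, "NEW"),               # PuTTY connecting to sshd
    "http_reply": Packet("tcp", 80, 40000, "ESTABLISHED"),   # web server answering us
    "dns_reply": Packet("udp", 53, 40000, "ESTABLISHED"),    # resolver answering us
    "udp_no_query": Packet("udp", 53, 9999, "NEW"),          # answers no outgoing query
}

def table():
    """Map each sample to its (post #1 verdict, post #5 verdict)."""
    return {n: (verdict(ORIGINAL, p), verdict(FIXED, p)) for n, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (before, after) in table().items():
        print(f"{name:13} post#1={before:6} post#5={after}")
```

The last sample shows that the `--sport 53` rule, which has no state match, also accepts UDP that answers no query. A single `iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT` rule is the common way to admit replies to all outgoing connections without that gap.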
MarinT
#6
The rule should basically look like this:
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
Just in case, check the name of the interface; in some cases it could be eth1, or if you are using a virtual machine it could be completely different.