Forum Replies Created
November 4, 2010 at 7:05 pm in reply to: Firewall rules #51269 oleg Member
Failure in login doesn’t have to do with the firewall. If you can see the login screen, then the firewall is allowing the traffic. However, what may happen is that you see the login screen cached, in which case you cannot tell that it is blocked by the firewall. The best solution is to watch the iptables counters with the command
iptables -L -v
to see if the blocked packets or the accepted packets rise when you try to connect.
Thanks for the reply, but I hope I found the solution for the login failure.
I created INPUT and OUTPUT rules to allow the use of services in Zeroshell:
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
The reason for that is the use of the DROP target:
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
So hopefully it will help me
Anyway, thanks a lot
November 4, 2010 at 6:52 pm in reply to: Firewall rules #51268 oleg Member
I have a problem logging in to the web interface over HTTPS. I set the INPUT chain to DROP and then allowed HTTPS connections by opening port 443. I can see the login screen, but the login fails. It works fine as follows:
iptables -A INPUT -p all -j ACCEPT  # means that all services and protocols are allowed to the firewall, which is a bad security policy.
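The counter check suggested in the first reply (watching iptables -L -v while connecting), as an added example that is not part of the original posts: it compares two saved snapshots and lists only the rules and chain policies whose packet counters rose. The function names, the use of the -n and -x options for the snapshots, and the sample data are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report which iptables counters rose between two snapshots.
# Each snapshot is saved output of: iptables -L -v -n -x  (-x = exact counts)
# Assumes the ruleset itself did not change between the two snapshots.

counter_delta() {   # usage: counter_delta BEFORE_FILE AFTER_FILE
    awk '
    function note(id, pkts) {
        if (pass == 1) before[id] = pkts
        else if (pkts - before[id] > 0) printf "%s +%d\n", id, pkts - before[id]
    }
    FNR == 1 { pass++ }                     # pass 1 = before, pass 2 = after
    $1 == "Chain" {
        chain = $2; n = 0
        if ($3 == "(policy") note(chain " policy " $4, $5)  # default-policy hits
        next
    }
    NF == 0 || $1 == "pkts" { next }        # blank line or column header
    { n++; note(chain " rule " n " " $3, $1) }  # $1 = pkts, $3 = target
    ' "$1" "$2"
}

# Constructed sample snapshots (not captured from a real host).
sample_before() { cat <<'EOF'
Chain INPUT (policy DROP 10 packets, 600 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     100     8000 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
       5      300 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443
EOF
}
sample_after() { cat <<'EOF'
Chain INPUT (policy DROP 14 packets, 840 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     120     9600 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
       6      360 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443
EOF
}

demo() {   # hypothetical helper: run counter_delta on the samples
    tmp=$(mktemp -d) || return 1
    sample_before > "$tmp/before"
    sample_after > "$tmp/after"
    counter_delta "$tmp/before" "$tmp/after"
    rm -rf "$tmp"
}
demo
```

On a live system, save one snapshot, attempt the login, save a second, and compare the two files. A rising "policy DROP" line alongside a rising port 443 ACCEPT rule means the HTTPS packets are accepted while other packets fall through to the default policy.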