IPTABLES internal/external nic configuration
Posted on 2004-08-19
I can't seem to figure out what I am doing wrong with my IPTABLES rules. I have 2 NICs on this machine. I wanted to trust everything from eth0 and deny everything but port 80 on the external NIC.
# iptables -F
# iptables -A INPUT -i eth1 -s 192.168.1.0/24 -j REJECT
    (I want to reject spoofed addresses pretending to be my internal NIC)
# iptables -A INPUT -i lo -j ACCEPT
    (accept everything on the loopback)
# iptables -A INPUT -i eth0 -j ACCEPT
    (accept everything on the internal NIC)
# iptables -A INPUT -p tcp --dport www -j ACCEPT
    (is limiting this to eth1 needed?)
# iptables -A INPUT -j LOG -m limit
# iptables -A INPUT -j REJECT
# service iptables save
I restart iptables but then I am unable to ssh into eth0.
Any ideas what is wrong in my config?
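Two things stand out in the rules as posted. First, every packet that arrives on eth0 hits the `-i eth0 -j ACCEPT` rule, so the rules themselves do not block ssh on eth0; the first thing to check after `service iptables restart` (which reloads /etc/sysconfig/iptables, written by `service iptables save`) is what is actually loaded, with `iptables -L INPUT -n -v --line-numbers`, and which interface the ssh packets really come in on. Second, nothing accepts replies to connections the host itself opens out through eth1 (DNS lookups, package updates, outbound ssh): those replies arrive on eth1, match neither the port-80 rule nor the eth0 rule, and fall through to the final REJECT. Restricting the port-80 rule to `-i eth1` is not strictly needed once eth0 is accepted wholesale, but it states the intent and keeps the rule correct if the eth0 rule is ever changed.

The script below is an added example, not code from the original post or from any distribution's firewall script. It builds the INPUT chain the post describes with the anti-spoof rule placed before the interface-wide ACCEPT, a connection-tracking rule for replies, and the port-80 rule limited to the external NIC. The interface names and internal network are taken from the post; the `IPT`, `INT_IF`, `EXT_IF` and `INT_NET` variables are this example's own. `IPT` defaults to a dry run that only prints the commands, so it can be read and checked before anything is applied; run it as root with `IPT=iptables` to load the rules for real.

```shell
#!/bin/sh
# Added example (not from the original post): a two-NIC INPUT ruleset in the
# spirit of the post, with the anti-spoof rule, an interface-restricted port-80
# rule and a connection-tracking rule for replies to the host's own outbound
# traffic. Interface names and the internal network are taken from the post;
# the variables are assumptions of this example. IPT defaults to a dry run.
IPT="${IPT:-echo iptables}"      # run as root with IPT=iptables to apply for real
INT_IF="${INT_IF:-eth0}"         # trusted internal NIC
EXT_IF="${EXT_IF:-eth1}"         # untrusted external NIC
INT_NET="${INT_NET:-192.168.1.0/24}"

build_input_rules() {
    # Start from an empty INPUT chain (the post used a bare -F, which flushes
    # every chain in the filter table, not just INPUT).
    $IPT -F INPUT

    # Loopback first: local services talk to themselves over lo.
    $IPT -A INPUT -i lo -j ACCEPT

    # Anti-spoofing: packets arriving on the external NIC must not claim an
    # internal or loopback source. DROP rather than REJECT, so no reply is
    # sent to a forged address. This must precede any interface-wide ACCEPT.
    $IPT -A INPUT -i "$EXT_IF" -s "$INT_NET" -j DROP
    $IPT -A INPUT -i "$EXT_IF" -s 127.0.0.0/8 -j DROP

    # Trust everything that arrives on the internal NIC.
    $IPT -A INPUT -i "$INT_IF" -j ACCEPT

    # Replies to connections this host opened (DNS, updates, outbound ssh)
    # would otherwise hit the final REJECT when they come back in on eth1.
    # -m state is the classic syntax; newer iptables also accept
    # -m conntrack --ctstate.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Only new HTTP connections are accepted from outside. Restricting to the
    # external NIC is not strictly required once the internal NIC is accepted
    # wholesale, but it states the intent and survives later edits.
    $IPT -A INPUT -i "$EXT_IF" -p tcp --dport 80 -m state --state NEW -j ACCEPT

    # Rate-limited log of whatever falls through, then reject it.
    $IPT -A INPUT -m limit --limit 5/minute --limit-burst 10 -j LOG --log-prefix "INPUT-reject:"
    $IPT -A INPUT -j REJECT
}

# Position (1-based) of the first generated command matching a fixed string;
# used to confirm ordering, e.g. that the anti-spoof DROP precedes the
# internal-NIC ACCEPT. Only meaningful in dry-run mode.
rule_index() {
    build_input_rules | grep -n -F -- "$1" | head -n 1 | cut -d: -f1
}

build_input_rules
```

After loading the rules for real, `service iptables save` writes them to /etc/sysconfig/iptables, and `iptables -L INPUT -n -v --line-numbers` shows the order and interface of each rule as the kernel sees it; the anti-spoof DROP should appear above the eth0 ACCEPT and the ESTABLISHED,RELATED rule above the final REJECT.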