Quote:
Originally Posted by koziej
does it look right?
Code:
iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:40317
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state ESTABLISHED
ACCEPT udp -- anywhere anywhere state ESTABLISHED
ACCEPT udp -- anywhere anywhere udp spt:40317
ACCEPT udp -- anywhere anywhere udp spt:49317
ACCEPT udp -- anywhere anywhere udp spt:33434
ACCEPT all -- localhost.localdomain anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere localhost.localdomain
#1 - that looks like the Amazon firewall - I offer zero, zip, nada support for that.
#2 - consistent with the behavior you describe - drops any new incoming connections (except to Amazon's control ports).
#3 - When (If) you install the KUAL firewall, you can disable the BBB (Block Big Brother) feature and still have the more detailed (and easily changed) firewall structure.
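A way to check a listing like the one quoted above, as an added example that is not part of the original posts: it parses the INPUT chain as printed and flags rows that plain `iptables -L` cannot disambiguate, because that form prints no interface columns. The function names and finding labels are made up for this sketch.

```python
import re

# INPUT chain copied from the listing quoted above (plain `iptables -L`, no -v).
LISTING = """\
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:40317
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state ESTABLISHED
ACCEPT udp -- anywhere anywhere state ESTABLISHED
ACCEPT udp -- anywhere anywhere udp spt:40317
ACCEPT udp -- anywhere anywhere udp spt:49317
ACCEPT udp -- anywhere anywhere udp spt:33434
ACCEPT all -- localhost.localdomain anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED
"""
CHAIN_RE = re.compile(r"^Chain (\S+) \(policy (\S+)\)")

def parse_listing(text):
    # Returns {chain: {"policy": str, "rules": [dict, ...]}}.
    chains, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = CHAIN_RE.match(line)
        if m:
            current = chains.setdefault(m.group(1), {"policy": m.group(2), "rules": []})
            continue
        if current is None or not line or line.startswith("target "):
            continue  # blank line or column header
        target, prot, _opt, src, dst, *extra = line.split()
        current["rules"].append({"target": target, "prot": prot, "src": src,
                                 "dst": dst, "match": " ".join(extra)})
    return chains

def audit(chains):
    # Flag rows that plain -L leaves ambiguous: repeated rows and a bare "ACCEPT all".
    findings = []
    for name, chain in chains.items():
        seen = set()
        for n, rule in enumerate(chain["rules"], 1):
            key = tuple(rule.values())
            if key in seen:
                findings.append((name, n, "identical-as-printed"))
            seen.add(key)
            if key == ("ACCEPT", "all", "anywhere", "anywhere", ""):
                findings.append((name, n, "unqualified-accept"))
    return findings
```

Calling `audit(parse_listing(LISTING))` reports rows 3, 5 and 10 of INPUT; running `iptables -L -v -n` or `iptables -S` on the device shows the interface each of those rows is actually bound to.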