Originally Posted by
Less
Вот так
Code:
iptables -A INPUT -p tcp -d 192.168.1.1 --dport 8877 -j ACCEPT
Только странно что не пускает с внутри сети.
Дайте вывод
Code:
iptables-save -t filter
попробовал то что вы посоветывали - не помогло.
вот ptables-save -t filter
PHP Code:
# Generated by iptables-save v1.2.7a on Wed Mar 25 09:27:08 2009
*filter
:INPUT DROP [8:2029]
:FORWARD ACCEPT [12:624]
:OUTPUT ACCEPT [883:111623]
:MACS - [0:0]
:SECURITY - [0:0]
:logaccept - [0:0]
:logdrop - [0:0]
-A INPUT -m state --state INVALID -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -i br0 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22888 -j ACCEPT
-A INPUT -d 192.168.1.1 -p tcp -m tcp --dport 8877 -j ACCEPT
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m state --state INVALID -j DROP
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ! br0 -o ppp0 -j DROP
-A FORWARD -i ! br0 -o vlan1 -j DROP
-A FORWARD -m conntrack --ctstate DNAT -j ACCEPT
-A FORWARD -o br0 -j DROP
-A SECURITY -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit --limit 1/sec -j RETURN
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j RETURN
-A SECURITY -p udp -m limit --limit 5/sec -j RETURN
-A SECURITY -p icmp -m limit --limit 5/sec -j RETURN
-A SECURITY -j DROP
-A logaccept -m state --state NEW -j LOG --log-prefix "ACCEPT " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logaccept -j ACCEPT
-A logdrop -m state --state NEW -j LOG --log-prefix "DROP " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logdrop -j DROP
COMMIT
# Completed on Wed Mar 25 09:27:08 2009
Даже если политику для INPUT делаю ACCEPT все равно не работает.
PHP Code:
telnet 192.168.1.1 8877
telnet: Unable to connect to remote host (192.168.1.1): Connection refused