I'm doing the following exercise:

Launch a web server on TCP/8080 port on your target and use iptables to block incoming traffic on that port.

Starting from this iptables

$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination   

What I did is:

# run web server on port 8080
sudo systemctl start apache2

# solution 1: drop the packet
sudo iptables -A INPUT -p tcp --dport 8080 -j DROP

DROP works: when I go to http://localhost:8080 in the browser, the connection times out.

# flush iptables
sudo iptables -F

# solution 2: reject the packet
sudo iptables -A INPUT -p tcp --dport 8080 -j REJECT

REJECT doesn't work: when I go to http://localhost:8080 in the browser, I can see the Apache2 default page. I was expecting to get the "port unreachable" error?

Thanks ahead for your help :)
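
An added example, not part of the original post: a small probe that reports what a TCP client on the same host actually observes on port 8080, separately for IPv4 and IPv6, because `iptables` rules apply to IPv4 only and `localhost` can resolve to either family. The function names `probe` and `localhost_addresses` are hypothetical; the port is the one used in the post.

```python
import socket

def probe(host, port, timeout=2.0):
    """Return what a TCP client observes when connecting to host:port."""
    family = socket.AF_INET6 if ":" in host else socket.AF_INET
    try:
        sock = socket.socket(family, socket.SOCK_STREAM)
    except OSError as exc:          # e.g. IPv6 disabled on this host
        return "error: %s" % exc
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"               # handshake completed: nothing blocked it
    except ConnectionRefusedError:
        return "refused"            # RST or ICMP port-unreachable (REJECT default)
    except socket.timeout:
        return "timeout"            # SYN silently discarded (DROP)
    except OSError as exc:          # other ICMP errors, unreachable network, ...
        return "error: %s" % exc
    finally:
        sock.close()

def localhost_addresses(port):
    """Addresses the resolver returns for 'localhost', in resolver order."""
    seen = []
    for info in socket.getaddrinfo("localhost", port, type=socket.SOCK_STREAM):
        addr = info[4][0]
        if addr not in seen:
            seen.append(addr)
    return seen

if __name__ == "__main__":
    PORT = 8080  # port from the exercise
    print("localhost resolves to:", localhost_addresses(PORT))
    for host in ("127.0.0.1", "::1"):
        print(host, PORT, "->", probe(host, PORT))
```

Running it after each rule change shows the result per address family without browser caching or fallback in the way; IPv6 rules are managed with `ip6tables`, not `iptables`.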

Tags: iptables; "REJECT rule doesn't work but DROP does for dropping localhost:8080 packets"; Stack Overflow