[bug#48753] iptables example update
From: Eric Brown
Subject: [bug#48753] iptables example update
Date: Sun, 06 Jun 2021 13:52:57 -0500
User-agent: Cyrus-JMAP/3.5.0-alpha0-519-g27a961944e-fm-20210531.001-g27a96194

On Thu, Jun 3, 2021, at 1:46 PM, Arun Isaac wrote:
>
> Hi Eric,
>
> I wrote the iptables service and documentation. So, the mistake is
> entirely due to my poor grasp of iptables! :-)
>
> I have applied your patch, and pushed to master. Thanks!
>
> Cheers,
> Arun
>
> Attachments:
> * signature.asc

Hi Arun,

Thank you for applying the patch; I think it’s much better. Truthfully I am
relieved that you are an iptables newbie and so am I!

I think there could still be some work done to this recommendation. For
example, when I use this updated iptables firewall selection, I am unable to
telnet into ports open on localhost. An example is that I am a heavy user of
VNC/SSH tunnel connections and it doesn’t let me do that, it blocks e.g. port
5902. (A similar naive rule in nftables does let this work!!!)

But so many examples are given in iptables (esp. WireGuard stuff) and so if you
have no objections, I would like to take a further look and maybe even ask
around as to what the ‘ufw allow ssh’ behavior is vis-a-vis iptables best
practices.

Best regards,
Eric