[bug#48753] iptables example update

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#48753] iptables example update

From:	Arun Isaac
Subject:	[bug#48753] iptables example update
Date:	Wed, 16 Jun 2021 12:48:41 +0530

Hi Eric,

> Thank you for applying the patch, I think it’s much better. Truthfully
> i am relieved that you are an iptables newbie and so am I!

:-P

> I think there could still be some work done to this recommendation.
> For example, when I use this updated iptables firewall selection, I am
> unable to telnet into ports open on localhost.  An example is that I
> am a heavy user of VNC/SSH tunnel connections and it doesn’t let me do
> that, it blocks e.g. port 5902.  (A similar naive rule in nftables
> does let this work!!!)

I'm not able to reproduce this. I built and started a container with an
ssh server on port 5902. And, I was able to connect fine with
telnet. Could you describe the precise steps, configuration, etc. to
reproduce this issue?

> But so many examples are given in iptables (esp. WireGuard stuff) and
> so if you have no objections, I would like to take a further look and
> maybe even ask around as to what the ‘ufw allow ssh’ behavior
> vis-a-vis iptables best practices.

Sure, please do! You don't need my permission for that! :-)

Regards,
Arun

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

bug#48753: iptables example update, Arun Isaac, 2021/06/03
- [bug#48753] iptables example update, Eric Brown, 2021/06/06
  - [bug#48753] iptables example update, Arun Isaac <=

Prev by Date: [bug#48953] [PATCH v3 3/3] gnu: dino: Enable missing features.
Next by Date: [bug#48953] [PATCH v4 1/3] gnu: dino: Remove duplicate inputs.
Previous by thread: [bug#48753] iptables example update
Next by thread: [bug#48815] [PATCH] gnu: Add emacs-djvu3.
Index(es):
- Date
- Thread