Hello again,
I have an Apache server with a router and then the ADSL modem connected to the internet. I have a domain name for the website and use a dyn DNS service. Now I wonder if my Red Hat 8.0 iptables setting is good or not, since my friends experience freezing problems when they surf the website with the 'forward', 'back' and 'refresh' buttons of IE6.x:
/sbin/iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- MY_ISP_DNS_SERVER1 anywhere udp spt:domain dpts:1025:65535
ACCEPT udp -- MY_ISP_DNS_SERVER2 anywhere udp spt:domain dpts:1025:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp reject-with icmp-port-unreachable
I actually don't add the following entries to the iptables:
ACCEPT udp -- MY_ISP_DNS_SERVER1 anywhere udp spt:domain dpts:1025:65535
ACCEPT udp -- MY_ISP_DNS_SERVER2 anywhere udp spt:domain dpts:1025:65535
Anyway, could you please verify whether my iptables setting is appropriate for a web server? If not, how could I change it properly?
Thanks and best regards,
Wenjie