Debian guest iptables config [message #27205]
Tue, 12 February 2008 05:00
jckdnk111
Messages: 11 Registered: January 2008
Junior Member

Hi,
I'm attempting to create some very basic firewall rules using shorewall on a Debian guest.
I have set a public, static ip and everything works great while shorewall is stopped. I've configured shorewall to only allow incoming ssh and outgoing dns + http (for installing new software via apt-get).
When I start shorewall I see no errors and my incoming rule works fine. I can ssh into the guest. However, when it comes time to do a dns lookup or visit a website nothing outbound works?
My zones are fw, net, and loc.
My only interface is venet0 mapped to net with my public ip.
My only rules are for incoming ssh, outgoing dns, and outgoing http.
My shorewall policy is set to allow all sources to a destination of net and then drop all other traffic.
I'm confused why I can allow incoming traffic but not outbound traffic ... is this a common problem?
Thanks.