IPTables configuration for Localhost

Posted by Gabe Mc on Server Fault See other posts from Server Fault or by Gabe Mc
Published on 2010-06-11T04:32:17Z Indexed on 2010/06/11 4:43 UTC
Read the original article Hit count: 358

Filed under:

iptables

|

localhost

I have a problem in connecting a JIRA instance running on a cloud server to an instance of MySQL running on the same box. I have configured it previously using quite a few iptables rules, but it seems overly broad/terribly inprecise. I want access to several of localhosts ports from the local machine, but deny it from all other accounts. Currently, my /etc/iptables.rules file looks like:

*filter
:INPUT DROP [223:17779]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [10161:1120819]

# SSH Access
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT

# Apache2 Access for connecting to Tomcat on port 8080
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT 

# MySQL
-I INPUT -i lo -p tcp -m tcp --dport mysql -j ACCEPT
COMMIT

However, this doesn't allow me to log in when I try logging in; it just hangs on:

#> mysql -u root -p -h 127.0.0.1

The Tomcat servlet container starts throwing all kinds of exceptions, as well.

This is a more general problem, as I need to enable things like accessing the shutdown port for the Tomcat container, but I need to at least get the MySQL part ironed out first, without the ugliness I was originally trying.

Thanks.

© Server Fault or respective owner

Related posts about iptables

Sometimes this script fails to update the iptables

as seen on Server Fault - Search for 'Server Fault'
It does not happen often, but sometimes after running the below script, checking the iptables with service iptables status shows that they weren't updated and the script doesn't output any error. The iptables is structured as look-up tree (long repeated sections snipped): #!/bin/sh iptables -t… >>> More
My current iptable configuration doesn't work [on hold]

as seen on Server Fault - Search for 'Server Fault'
sudo chkconfig iptables off /etc/init.d/iptables on ### Clear/flush iptables sudo iptables -F sudo iptables -P INPUT ACCEPT sudo iptables -P OUTPUT ACCEPT sudo iptables -P FORWARD ACCEPT ### Allow SSH iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables… >>> More
L2TP iptables port forward

as seen on Server Fault - Search for 'Server Fault'
Hi all, I'm setting up port forwarding for an L2TP VPN connection to the local Windows 2003 VPN server. The router is a simpel Debian machine with iptables. The VPN server works perfect. But I cannot log in from the WAN. I'm missing something. The VPN server is using a pre-shared key (L2TP) and… >>> More
iptables -P FORWARD DROP makes port forwarding slow

as seen on Server Fault - Search for 'Server Fault'
I have three computers, linked like this: box1 (ubuntu) box2 router & gateway (debian) box3 (opensuse) [10.0.1.1] ---- [10.0.1.18,10.0.2.18,10.0.3.18] ---- [10.0.3.15] | box4, www [10.0.2.1] Among other… >>> More
IPtables AWS EC2 NAT/Reverse NAT - For Reverse Proxy style setup but with IPtables

as seen on Server Fault - Search for 'Server Fault'
I was thinking initially needing to do a reverse proxy or something so I could get some SSL/TLS traffic look like it is being terminated at a server and IP address in the AWS cloud, and then that traffic is forwarded onto our actual web servers that aren't in the cloud... I've not done much iptables… >>> More

Related posts about localhost

PPTP connection disconnect

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
My pptp connection wont stay connected, it will disconnect in less than a minute here are some relevant log entries May 31 13:32:31 localhost NetworkManager[931]: <info> Starting VPN service 'pptp'... May 31 13:32:31 localhost NetworkManager[931]: <info> VPN service 'pptp' started (org… >>> More
Fedora error log file

as seen on Server Fault - Search for 'Server Fault'
I am running a java application using this wrapper service yajsw. The problem it just stopped without any error in its logs file. So I was wondering will there be any system log file which will indicate the cause of it going down? Partial of the log file. Apr 6 00:12:20 localhost kernel: imklog… >>> More
Gearman too many processes issue

as seen on Server Fault - Search for 'Server Fault'
I use Net_Gearman from PECL, Gearmand 1.1.11 and Gearman Manager. Every time I add background job, I can see new worker listed with no Function, nor Id in Ggearman-Monitor: If I add many messages in the bash loop, after some time it becomes very slow. for i in $(seq 0 9999); do php Client.php… >>> More
localhost lookup fails, browser tries www.localhost.com instead

as seen on Stack Overflow - Search for 'Stack Overflow'
I used to run web applications all the time on my laptop, no problems, I am using VWD 2008 Express, i have the latest framework, Windows Vista Home Basic...etc.. Now, when ever i try to run a website, or even chose to Show a Page in Browser from Within VWD, the browser (both IE and Firefox) keeps… >>> More
Nginx + php-fpm "504 Gateway Time-out" error with almost zero load (on a test-server)

as seen on Server Fault - Search for 'Server Fault'
After debugging for 6-hours - I am giving this up :| We have a nginx+php-fpm+mysql in LAN with almost 100 wordpress (created and used by different designers/developers all working on test wordpres setup) We are using nginx without any issues from long. Today, all of a sudden - nginx started returning… >>> More