How do I use iptables to reject all traffic to localhost port 80 but allow the one that comes from local machine?

Here is my current solution, which doesn't seem to block the traffic. The IP is the IP of the local machine. If I do not put the 2nd line, all the traffic is blocked, and with it enabled, all the traffic is accepted?!

# Flush and delete every rule and user chain in the filter, nat and mangle tables,
# then reset the default policies to ACCEPT
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

# Accept TCP port 80 from the loopback address and from the host's own address
iptables -A INPUT -p tcp --dport 80 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -s 10.80.225.83 -j ACCEPT
# LOG is a non-terminating target: after logging, the packet continues down the
# chain and ends at the INPUT policy, which is ACCEPT
iptables -A INPUT -p tcp --dport 80 -j LOG --log-prefix "TCP LOGDROP: "

Just to be sure:

  • 10.80.225.83 is the IP of the web server, where I want to be able to access 127.0.0.1:80
  • I do want 10.80.225.83 to reject any connections on port 80 other than the ones originating from localhost.

Solution 1:

iptables -I INPUT ! -i lo -p tcp --dport 80 -j DROP

When the traffic goes from your machine to your machine, it always has the input interface "lo". It doesn't matter what the src or dst IP address is.
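The following is an added example, not code from the question or the answer above. It turns the answer's interface-based approach into a complete ruleset loaded with iptables-restore, so the rules take effect atomically instead of one iptables call at a time. It keeps the asker's LOG rule but places a terminating rule after it: LOG never stops a packet, so the original script, whose INPUT policy is ACCEPT, logs port 80 traffic and then accepts it. REJECT with a TCP reset is used so remote clients get an immediate "connection refused"; set ACTION=DROP to discard silently. The port number, the chain policies and the log rate limit are assumptions for this example, and like the original script it replaces the entire filter table, so any other rules on the host are lost.

```shell
#!/bin/sh
# Added example (not from the original post): allow TCP port 80 only for
# connections that arrive on the loopback interface, reject everything else.
# Assumes iptables-restore is installed and that "apply" is run as root.
set -eu

PORT=80        # assumed: the port to protect
ACTION=REJECT  # REJECT = immediate refusal; DROP = silently discard

# Emit the filter table in iptables-save format. Connections from the host to
# itself (127.0.0.1 or its own address such as 10.80.225.83) always enter on
# "lo", so matching the interface replaces the per-source-address rules.
build_rules() {
    printf '%s\n' '*filter'
    printf '%s\n' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' ':OUTPUT ACCEPT [0:0]'
    printf '%s\n' "-A INPUT -i lo -p tcp --dport $PORT -j ACCEPT"
    # LOG is non-terminating, so it must be followed by a terminating rule;
    # the rate limit keeps a port scan from flooding the kernel log.
    printf '%s\n' "-A INPUT -p tcp --dport $PORT -m limit --limit 5/min -j LOG --log-prefix \"TCP LOGDROP: \""
    if [ "$ACTION" = REJECT ]; then
        printf '%s\n' "-A INPUT -p tcp --dport $PORT -j REJECT --reject-with tcp-reset"
    else
        printf '%s\n' "-A INPUT -p tcp --dport $PORT -j DROP"
    fi
    printf '%s\n' 'COMMIT'
}

# Number of INPUT rules in the generated table (used as a sanity check).
count_input_rules() {
    build_rules | grep -c '^-A INPUT'
}

# Load the table atomically. Requires root.
apply_rules() {
    build_rules | iptables-restore
}

# Verification: the "lo" ACCEPT rule must be listed before the LOG/REJECT
# rules, and after a test connection from each side the packet counters
# (-v) show which rule matched.
show_rules() {
    iptables -L INPUT -v -n --line-numbers
}

case "${1:-}" in
    apply) apply_rules && show_rules ;;
    *)     build_rules ;;
esac
```

Run it without arguments to print the ruleset for review, and with `apply` as root to load it. To check the result, `curl -s http://127.0.0.1/` and `curl -s http://10.80.225.83/` from the host itself should both succeed, while the same request from another machine should be refused and a matching "TCP LOGDROP:" line should appear in the kernel log.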