  1. #1

    Block third party initiated connections while allowing outgoing?


    Hello, a file sharing application is unable to connect to third-party servers via the internet after I used iptables to block INPUT from all IPs except my IPs (by setting a DROP policy on the INPUT chain and then whitelisting several IPs).

    I think I should limit this INPUT blocking only to certain types of connections:


    I read some instructions on what ESTABLISHED, NEW and RELATED are:

    https://www.linuxtopia.org/Linux_Fir...les/x1347.html
    https://serverfault.com/questions/37...elated-packets

    but I do not understand which one to use in iptables so the server can receive responses from trackers (any remote servers), but does not upload any data to the peers obtained from the trackers. Only download from peers.

    I would prefer not to work with the port used by the app, as the app is made to use a random "filesharing" port.

    -----

    I think my explanation is hard to understand. Maybe in other words:
    I want the iptables INPUT chain not to block connections which were requested/went through iptables OUTPUT (TCP?). Can I do that? How do I block all incoming connections except these ones? If that is not possible, how can I block outgoing connections which are the result of an INCOMING connection?

    UPDATE: I added this rule to the INPUT chain with DROP policy:
    iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
    and trackers now connected and delivered peers. I am unsure if that rule is safe (I do not want to upload any data to the peers) and if I should also add the RELATED state.
    Last edited by postcd; 2 Weeks Ago at 09:36 AM.
    https://zeronet.io - Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network
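
The setup asked about above (DROP policy on INPUT, a whitelist, and acceptance of return traffic for connections the host itself opened), written as an added example that is not part of the original post. The function names, the FORWARD policy and the whitelist addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for "drop unsolicited
# inbound, allow replies to connections this host opened". The IPs used
# below are constructed documentation addresses, not values from the post.

# Return 0 if $1 is a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    for octet in $1; do
        [ "$octet" -le 255 ] || { IFS=$old_ifs; return 1; }
    done
    IFS=$old_ifs
}

# Print the filter-table ruleset; arguments are the whitelisted source IPs.
build_ruleset() {
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 1; }
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'      # default: drop anything not accepted below
    echo ':FORWARD DROP [0:0]'    # assumption: this host does not route traffic
    echo ':OUTPUT ACCEPT [0:0]'   # outgoing connections stay unrestricted
    echo '-A INPUT -i lo -j ACCEPT'
    # ESTABLISHED: replies to connections this host initiated.
    # RELATED: ICMP errors and helper-tracked flows tied to those connections.
    # "-m conntrack --ctstate" is the current form of "-m state --state".
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for ip in "$@"; do
        echo "-A INPUT -s $ip -j ACCEPT"   # whitelisted hosts may connect in
    done
    echo 'COMMIT'
}

# Constructed whitelist; replace with your own management addresses.
RULES=$(build_ruleset 192.0.2.10 198.51.100.7) || exit 1
echo "$RULES"
# To load as root (this replaces the whole filter table atomically),
# after a syntax-only check:
#   echo "$RULES" | iptables-restore --test && echo "$RULES" | iptables-restore
```

The ESTABLISHED,RELATED rule admits only return traffic for connections the host opened and drops connections that peers initiate. It does not limit what is sent over a connection the client itself opened to a peer; that is governed by the application or the OUTPUT chain.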
