Re: iptables and apt-get

[Ian Goodall]

Here is my rule set:     #default input policy /sbin/iptables -P INPUT DROP #allow www/https(ssl) /sbin/iptables -A INPUT -s 0/0 -d 172.16.5.92 -p tcp --dport https -j ACCEPT #allow ssh /sbin/iptables -A INPUT -s 0/0 -d 172.16.5.92 -p tcp --dport ssh -j ACCEPT #allow smtp /sbin/iptables -A INPUT -s 0/0 -d 172.16.5.92 -p tcp --dport smtp -j ACCEPT   #create a new rule for drop # log #/sbin/iptables -N drop-and-log-it #log it #/sbin/iptables -A drop-and-log-it -j LOG --log-level info --log-prefix 'DROPIT' #drop it #/sbin/iptables -A drop-and-log-it -j DROP   #now call the rule to drop and log   /sbin/iptables -A INPUT -j drop-and-log-it     ----------- Thanks   ijg0 ----- Original Message ----- From: Jones, Steven To: 'Ian Goodall' ; debian-security@lists.debian.org Sent: Tuesday, March 11, 2003 1:11 AM Subject: RE: iptables and apt-get shouldnt do   unless you changed the output rules?   please provide your ruleset   Thing -----Original Message----- From: Ian Goodall [mailto:[EMAIL PROTECTED] Sent: Tuesday, 11 March 2003 2:06 To: debian-security@lists.debian.org Subject: iptables and apt-get Hi Guys,   I am setting up iptables on my debain woody box. I have decided to close everyting and then open up just ssh and ssl. This obviously prevents my apt-get update from working. What ports do I need to open for this to work. If it helps I am going through a proxy to get to the internet.   Thanks   ijg0