[GLLUG] iptables rules

[Nicholas Kwiatkowski]

Well, to the best of my knowledge, Apache won't respond to an IPv6 request,
unless you explicitly bind to an IPv6 address.  Binding to 0.0.0.0 won't
allow IPv6 requests to be processed.  You can setup multiple bind directives
in the configuration statements.

 

-Nick 

 

From: Richard Houser [mailto:rick at divinesymphony.net] 
Sent: Monday, November 17, 2008 11:23 PM
To: Nicholas Kwiatkowski
Cc: Karl Schuttler; linux-user at egr.msu.edu
Subject: Re: [GLLUG] iptables rules

 

I'm really slow in replying, but I recommend you do both.  After all, we
should always be doing security in layers, right?  Without the default
listen rule, what happens when you add a second IPv6 address or enable IPv6?

On Tue, Nov 4, 2008 at 12:54 PM, Nicholas Kwiatkowski <kwiatk27 at msu.edu>
wrote:

Why not just bind the web server to 127.0.0.1:80 instead of 0.0.0.0:80  ??

-Nick Kwiatkowski
 MSU Telecom Systems


-----Original Message-----
From: linux-user-bounces at egr.msu.edu [mailto:linux-user-bounces at egr.msu.edu]
On Behalf Of Karl Schuttler
Sent: Tuesday, November 04, 2008 11:57 AM
To: linux-user at egr.msu.edu
Subject: [GLLUG] iptables rules

Hello all; I have a server that I want to enable access to port 80 to
only through loopback (I want to force the user to ssh port forward
instead of hitting it through the web. I currently am dropping inbound
port 80 packets, which also disables my ability to port forward. What
do i need to do to make this work; add an allow rule for loopback or
something?
_______________________________________________
linux-user mailing list
linux-user at egr.msu.edu
http://mailman.egr.msu.edu/mailman/listinfo/linux-user

_______________________________________________
linux-user mailing list
linux-user at egr.msu.edu
http://mailman.egr.msu.edu/mailman/listinfo/linux-user

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.egr.msu.edu/mailman/public/linux-user/attachments/20081118/780d33df/attachment.html