block http port

strycnine · #1 28th January 2010, 08:33 PM

Hi, how do I block my http port(80) I tried
iptables -A INPUT -j DROP -p tcp --destination-port 80 -i eth0

with no effect. I tried with gnome-firewall and still nothing. There is another way?

thx

madhavdiwan · #2 28th January 2010, 09:36 PM

how did you test ?

if you test from inside the box (IE from your X display or Gnome) your input will get to the webserver via the localhost loopback device not through your eth0 interface.. in other words your source will be -i lo

you have to either test from another server .. or not use the source element " -i eth0 " in your iptables rule .. ( IE dont use -i eth0 at the end )

strycnine · #3 29th January 2010, 05:44 AM

I tried http://192.168.2.100. when I nmap localhost I can see my postgresql port, but whan I nmap 192.168.2.100 I can not. guess is not a difference at all, I will try another computer.

thx