RE: iptables starts blocking outbound http traffic

View Post

Joseph L. Casale RE: [CentOS] iptables starts blocking outbound http traffic

+1 vote

[ Flat Thread Threaded ]

>Why do you try to filter outbound connections at all? If "something" makes 
>it on your machine the first thing they will do is drop your rules.

You imply the *only* reason for outbound filtering is stop a hacker. In some
environments it serves as an additional layer of protection against other problems
related to configuration/application issues as an example.

jlc

_______________________________________________
CentOS mailing list
[email protected: C...@centos.org]
http://lists.centos.org/mailman/listinfo/centos

Thread : iptables starts blocking outbound http traffic

Neil Aggarwal Hello: I have a machine running CentOS 5 x86_64. It is running apache httpd and tomcat. For some...

Filipe Brandenburger Hi, If you're using ESTABLISHED, it depends on ip_conntrack being able to track the connections....

Neil Aggarwal Filipe: Thanks for the information. If I do: cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max on...

Filipe Brandenburger Hi, Because this might potentially close several connections and free slots in the conntrack table....

Neil Aggarwal Filipe: I changed the firewall rules on the server that had stopped responding to not use...

Neil Aggarwal Filipe: One of my servers stopped responding again. This time, it was one of those which was not...

Filipe Brandenburger Hi, No problem. Look into the number of busy httpd servers, that might be your problem use a...

Kai Schaetzl Neil Aggarwal wrote on Thu, 6 Nov 2008 08:33:59 -0600: Why do you try to filter outbound...

Joseph L. Casale You imply the *only* reason for outbound filtering is stop a hacker. In some environments it serves...

Highlight

View Post

Flat Thread Threaded | < Prev

Home > Groups > CentOS > iptables starts blocking outbound http traffic (9 posts) > View Post