Let's say I want four ports to be opened for any incoming packets so I made this ruleset:
#> iptables -L -v
Chain INPUT (policy ACCEPT 20 packets, 1190 bytes)
 pkts bytes target     prot opt in     out     source               destination
 1041  103K ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:111
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:222
  208 12056 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:333
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:443
(forward and output chains are empty)
Let's now say that there is an SSH server running at port 111 and to connect to this machine I do
ssh username@hostna.me -p 111
then I log in and everything works.
But other ports are also left open because the default policy is ACCEPT and I haven't added a DROP rule. Now I want to add it and type
#> iptables -A INPUT -j DROP
It's the 5th rule.
Now I want to connect again to my open SSH port. I get a response like "username's password:",
but it comes about 20 seconds later instead of almost instantly, as it does without that 5th rule.
So I remove this rule like this:
#> iptables -D INPUT 5
and again I can connect to my SSH without any delay.
Why is this?
What have I blocked that I shouldn't have blocked?
P.S.: There is a web server running at port 443; when I try to connect from a browser, the page loads indefinitely, but the server is live.
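As an added example (not part of the question above), here is a shell script that rebuilds the same four-port INPUT chain but adds the two rules a terminal DROP needs in front of it: accept loopback traffic and accept packets belonging to connections this host itself started (conntrack ESTABLISHED,RELATED). Without that conntrack rule a final DROP also discards replies to the host's own outbound traffic, such as the DNS answer sshd waits for when it reverse-resolves a client's address, which is how delays of the kind described arise. The IPT variable and the helper function names are this example's own; by default it only prints the commands.

```shell
#!/bin/sh
# Added example, not from the question: rebuild the INPUT chain so that the
# terminal DROP cannot swallow replies to the host's own connections.
# iptables evaluates rules first-match, so order matters: loopback and
# conntrack accepts first, the four service ports next, DROP last.
# Set IPT=iptables (as root) to apply for real; the default just prints.
IPT="${IPT:-echo iptables}"

build_input_chain() {
    $IPT -P INPUT ACCEPT                # keep policy ACCEPT while rebuilding
    $IPT -F INPUT                       # flush the old INPUT rules
    $IPT -A INPUT -i lo -j ACCEPT       # local services talking to themselves
    # Replies to connections this host opened (DNS lookups, package
    # downloads, etc.) must be accepted before the terminal DROP.
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    for port in 111 222 333 443; do     # the four ports from the question
        $IPT -A INPUT -p tcp --dport "$port" -j ACCEPT
    done
    $IPT -A INPUT -j DROP               # terminal drop, now in last place
}

# Check helper: 1-based position of the first appended (-A) rule whose
# text matches the given pattern, so the ordering can be verified.
rule_position() {
    build_input_chain | grep -- '-A INPUT' | grep -n -- "$1" | head -n 1 | cut -d: -f1
}

build_input_chain
```

Run it once with the default to review the generated commands, then with IPT=iptables to apply them; on a remote host keep an existing session open until you have confirmed a new SSH login no longer stalls.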