Open thusoy opened 8 years ago
I confirm that running a staging app server and removing
iptables -D INPUT -p tcp -m multiport --sports 80,8080,443 -m state --state RELATED,ESTABLISHED -m comment --comment "apt updates" -j ACCEPT
does not impact apt-get update. It shadows all --state ESTABLISHED,RELATED INPUT rules.
Looking over the iptables ruleset it seems that this rule on line 24:
-A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT -m comment --comment "Allow traffic back for tor"
shadows the later rules on line 66 and line 89:
I haven't configured a local install for testing, but I would guess that the latter rules are never hit?
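The shadowing discussed in this thread can be checked mechanically. The following is an added example, not part of the issue or the project's code: a small checker that flags a rule when an earlier terminal rule in the same chain already matches every packet it would match. Entries 2 and 4 of the sample list are the rules quoted above; the other entries are constructed, the reported numbers are positions in that list, and the function names are hypothetical. Only `-p`, state and port matches are compared, and negated rules are skipped.

```python
import shlex

TERMINAL = {"ACCEPT", "DROP", "REJECT"}
# option -> field name, for the matches this sketch understands
FIELDS = {"-p": "proto", "--state": "state", "--ctstate": "state",
          "--sport": "sport", "--sports": "sport",
          "--dport": "dport", "--dports": "dport"}

def parse(line):
    """Parse one `-A CHAIN ...` line into chain, target and match sets."""
    tok = shlex.split(line)
    rule = {"chain": tok[1], "target": None, "match": {}, "opaque": False}
    i = 2
    while i < len(tok):
        opt, val = tok[i], tok[i + 1] if i + 1 < len(tok) else ""
        if opt == "-j":
            rule["target"] = val
        elif opt in FIELDS:
            rule["match"][FIELDS[opt]] = set(val.split(","))
        elif opt not in ("-m", "--comment"):
            rule["opaque"] = True  # unknown match: never treat as a shadower
        i += 2
    return rule

def covers(early, late):
    """True if every packet matching `late` also matches `early`."""
    return all(f in late["match"] and late["match"][f] <= vals
               for f, vals in early["match"].items())

def find_shadowed(lines):
    """Return (early_no, late_no) pairs where a terminal rule hides a later one."""
    rules = [(n, parse(ln)) for n, ln in enumerate(lines, 1)
             if ln.startswith("-A ") and " ! " not in ln]
    hits = []
    for idx, (n_late, late) in enumerate(rules):
        for n_early, early in rules[:idx]:
            if (early["chain"] == late["chain"] and early["target"] in TERMINAL
                    and not early["opaque"] and covers(early, late)):
                hits.append((n_early, n_late))
                break
    return hits

# Sample ruleset: entries 2 and 4 come from the thread, 1 and 3 are constructed.
RULESET = [
    '-A INPUT -i lo -j ACCEPT',
    '-A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT -m comment --comment "Allow traffic back for tor"',
    '-A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT',
    '-A INPUT -p tcp -m multiport --sports 80,8080,443 -m state --state RELATED,ESTABLISHED -m comment --comment "apt updates" -j ACCEPT',
]
```

Calling `find_shadowed(RULESET)` reports the "apt updates" rule as hidden by the earlier tcp ESTABLISHED,RELATED rule; on a live host, packet counters from `iptables -L INPUT -v -n` show the same thing as a later rule whose count stays at zero.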