7 years ago

I'd like to ask you guys a question about iptables. I have an Ubuntu virtual image and I need to do some work with iptables. As an example:

I have a network diagram and on that diagram there is a web server running MySQL.
This is the rule I want to use:

iptables -A INPUT -s -dport 14887 -j ACCEPT

This says to accept packets from computers wanting to make connections to MySQL on, which is the IP address of my virtual machine, and then drop the others.

Apparently I don't have to set up a network of virtual machines because I can test the rule using just 1 machine, but I'm not sure because I'm a newbie at this.
Any advice would be greatly appreciated. Great site by the way!

7 years ago
EDIT - I was wrong. Here goes again...

Welcome to TSR, first of all!

I have to say your post is a little muddled, and I'm not sure what you're trying to do. The way I understand it is this: you have MySQL listening on, correct? You're wanting to accept connections from on that port and drop everything else?

If I'm correct, then this rule should be fine and only needs to be applied on the machine itself running MySQL ( and you should be good to go. You can test it by simply using any machines which can reach the VMs, whether or not they're host machines or other guests running on the same network. Both of these could be connected and configured to use a loopback interface of some kind for testing purposes.
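An added example, not part of either post: iptables only accepts the port match as `--dport` together with `-p tcp`, and a lone ACCEPT rule does not drop other clients unless a DROP rule (or a DROP policy) follows it. The sketch below builds that rule pair after validating its inputs; the source address 192.0.2.10 is a constructed placeholder from the documentation range, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Prints the rules instead of applying them, so it is safe
# to run unprivileged. To apply, pipe the output to a root shell.

# Succeeds only for a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Succeeds only for a TCP port in the range 1-65535.
valid_port() {
    case "$1" in
        ""|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# mysql_rules SRC PORT: emit "accept one client, drop everyone else" for PORT.
# Rule order matters: iptables stops at the first matching rule in the chain.
mysql_rules() {
    valid_ipv4 "$1" || { echo "bad source address: '$1'" >&2; return 1; }
    valid_port "$2" || { echo "bad port: '$2'" >&2; return 1; }
    printf 'iptables -A INPUT -p tcp -s %s --dport %s -j ACCEPT\n' "$1" "$2"
    printf 'iptables -A INPUT -p tcp --dport %s -j DROP\n' "$2"
}

# Constructed sample values: placeholder client address, port from the post.
mysql_rules 192.0.2.10 14887

# After applying, the per-rule packet counters show which rule a test
# connection hit:  iptables -L INPUT -n -v --line-numbers
```

A rejected address or port prints an error to stderr and emits no rules, so a blank `-s` argument never reaches iptables.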

