[all variants] allow apt-get using iptables



doobie
July 3rd, 2009, 12:04 AM
What is the minimal (or most secure) way of allowing apt-get to work using iptables? Right now, I have DNS working but am having trouble getting the connection (port 80, 21?) working.

computer13137
July 3rd, 2009, 12:09 AM
I don't know about anyone else, but I'm confused as to what you're trying to do.

apt-get is an outgoing connection request; I don't see why iptables would be blocking it.

Are you like, trying to run your own repository or something? As far as I know, apt-get only uses port 80, regular old HTTP. If you can browse the web on the machine, I don't see why apt-get wouldn't work too.

-Kirk

doobie
July 3rd, 2009, 12:24 AM
I deny all outgoing by default and would like to allow only the outgoing connections that are required to connect to apt-get repositories and download updates (i.e., so "sudo apt-get update" and "sudo apt-get upgrade outdated" work).

alphacrucis2
July 3rd, 2009, 01:07 AM
> I deny all outgoing by default and would like to allow only the outgoing connections that are required to connect to apt-get repositories and download updates (i.e., so "sudo apt-get update" and "sudo apt-get upgrade outdated" work).

As far as I know, apt-get only uses TCP port 80 to connect to the repo servers.

superprash2003
July 3rd, 2009, 06:08 PM
You could use gufw to get better control over allowing/denying traffic/ports.
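
The setup discussed in this thread, as an added example that is not part of the original posts: an OUTPUT policy of DROP that still admits DNS to one resolver and new TCP port 80 connections to the repositories. The `run` and `apt_egress` helpers, the `DRY_RUN` switch and the resolver address 192.0.2.53 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: outbound rules for apt-get on a host whose OUTPUT policy is DROP.
# Assumption: repositories are plain HTTP on tcp/80, as the replies in the thread state.

# With DRY_RUN set, print each iptables command instead of executing it.
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        printf '%s\n' "iptables $*"
    else
        iptables "$@"
    fi
}

# Usage: apt_egress <resolver-ipv4>   (e.g. 192.0.2.53, a constructed address)
apt_egress() {
    resolver="$1"
    # Accept only digits and dots so the argument cannot carry extra options.
    case "$resolver" in
        ''|*[!0-9.]*) echo "usage: apt_egress <resolver-ipv4>" >&2; return 2 ;;
    esac

    # Loopback traffic stays on the host.
    run -A OUTPUT -o lo -j ACCEPT
    # Later packets of flows that a rule below already admitted.
    run -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Replies come back through INPUT; needed when the INPUT policy is also DROP.
    run -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # DNS to the one configured resolver only (UDP, plus TCP for large answers).
    run -A OUTPUT -d "$resolver" -p udp --dport 53 -j ACCEPT
    run -A OUTPUT -d "$resolver" -p tcp --dport 53 -j ACCEPT
    # New HTTP connections to repository mirrors. No port 21 rule is added.
    run -A OUTPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
    # Set the policy last so existing sessions are not cut while rules load.
    run -P OUTPUT DROP
}
```

Call `apt_egress` with `DRY_RUN=1` first to review the commands, then run it as root without `DRY_RUN`. Mirrors served over HTTPS would additionally need tcp/443.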