iptables firewall doesn't work

[dapim]

this firewall should block ssh access, but i am still able to conect to ssh, why?

# Generated by iptables-save v1.3.1 on Sun Apr 23 06:19:53 2006
*filter
:INPUT ACCEPT [368:102354]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [92952:20764374]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -j DROP
COMMIT
# Completed on Sun Apr 23 06:19:53 2006

[kevdog]

Can you post:

sudo iptables -L

[MythosLegend]

If you don't want people to connect to your computer via ssh, you should disable the daemon service or you could add the following.

Code:

iptables -A INPUT -p tcp --dport ssh -j DROP

If you don't want people on your computer to connect to other computers via ssh, you could add

Code:

iptables -A OUTPUT -p tcp --dport ssh -j DROP

[dapim]

but firewall should block everything unless acess to http pages, wright or wrong?

but as it is now it allow to connect to everything

[DFord425]

The default settings of iptables is to allow everything. It has to be configured to block what ever you want to block.

[dapim]

but the firewall above should block everything , and allow just conections to port 80

[MythosLegend]

From your iptables output, I can tell that you just copied and pasted it without actually understanding it. If you look at your policies, you will noticed that it is set to accept.