I wrote these iptables rules but I cannot use the browser after I start the service.
iptables --flush
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables -A INPUT -p tcp -d 192.168.2.112 --dport 5900 -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.2.112 --sport 5900 -j ACCEPT
iptables -A INPUT -p tcp -d 192.168.2.112 --dport 80 -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.2.112 --sport 80 -j ACCEPT
iptables -A INPUT -p tcp --sport 1024:65535 -d 192.168.2.112 --dport 21 -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.2.112 --sport 21 --dport 1024:65535 -j ACCEPT
iptables -A INPUT -p tcp --sport 1024:65535 -d 192.168.2.112 --dport 20 -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.2.112 --sport 20 --dport 1024:65535 -j ACCEPT
iptables -A INPUT -p tcp --sport 1024:65535 -d 192.168.2.112 --dport 1024:65535 -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.2.112 --sport 1024:65535 --dport 1024:65535 -j ACCEPT
Port 5900 is because I am working on a remote lab.
I looked for the last 2 hours to find what could be wrong with my firewall but could not find anything.
I am thinking that maybe the order is wrong. I should probably re-write all this but I need to follow a different order.
Thank you for your time.
You need to allow traffic from and to port udp/tcp 53 (DNS). Without them you will not be able to resolve names to IPs.
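The DNS rules the answer refers to, written in the same stateless, mirrored-rule style as the ruleset in the question. This is an added example, not code from either poster. It assumes the lab host address 192.168.2.112 from the question and uses the unprivileged range 1024:65535 for the client side. It also goes one step beyond the answer: the question's port 80 rules only accept connections *to* local port 80 (a web server), not connections the browser opens to remote port 80/443, so a small web-client rule pair is included as well. The IPT variable defaults to echo, so running the script as-is prints the commands; run it with IPT=iptables as root to apply them.

```shell
#!/bin/sh
# Added example (not from the original post): DNS client rules missing from
# the ruleset in the question. IPT defaults to "echo" so a plain run only
# prints the commands; use IPT=iptables (as root) to apply them for real.
IPT="${IPT:-echo}"
HOST="${HOST:-192.168.2.112}"   # lab host address from the question
HIGH="1024:65535"                # unprivileged client ports

# DNS: the resolver sends queries from a high port to udp/53 (tcp/53 is used
# for large or truncated answers); the reply comes back from port 53.
dns_rules() {
    for proto in udp tcp; do
        $IPT -A OUTPUT -p "$proto" -s "$HOST" --sport "$HIGH" --dport 53 -j ACCEPT
        $IPT -A INPUT  -p "$proto" -d "$HOST" --sport 53 --dport "$HIGH" -j ACCEPT
    done
}

# Web client rules (beyond what the answer states): the question's rules only
# accept connections TO local port 80, not connections the browser opens to
# remote port 80/443 from a high local port.
web_client_rules() {
    for port in 80 443; do
        $IPT -A OUTPUT -p tcp -s "$HOST" --sport "$HIGH" --dport "$port" -j ACCEPT
        $IPT -A INPUT  -p tcp -d "$HOST" --sport "$port" --dport "$HIGH" -j ACCEPT
    done
}

# Check that a ruleset captured as text (e.g. from a dry run or from
# iptables-save) allows DNS in both directions. Returns 0 when it does.
allows_dns() {
    printf '%s\n' "$1" | grep -q -- '-A OUTPUT .*--dport 53 ' &&
    printf '%s\n' "$1" | grep -q -- '-A INPUT .*--sport 53 '
}

dns_rules
web_client_rules
```

Running the question's ruleset through allows_dns returns non-zero, which is the quickest way to confirm the answer's diagnosis before touching the live firewall. The same pattern (OUTPUT to the service port, INPUT from the service port back to a high port) applies to any other client protocol you later add.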