Hello gentlemen.
I want to solve a little problem with iptables.
Let's suppose that I have a valid ruleset called MYBLOCK with all the IPs I want to block.
$ iptables --list
Chain FORWARD (policy DROP)
DROP all -- anywhere anywhere set MYBLOCK src,dst
Everything works fine, but if I have this IP: 2.2.2.2 in the ruleset I can't access it via browser because I've blocked it (drop). Is there a way to block the IP but allow me to access it via browser (allow destination port 80 and 443)?
ipset v4.5, protocol version 4
iptables v1.3.8
This is the command I use to apply my ruleset:
$ iptables -I FORWARD -m set --set MYBLOCK src,dst -j DROP
In short, I don't know how to make iptables allow destination port 80. I've tried everything without success.
Please tell me if you need more info.
Thanks in advance for your attention and support.
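
One way to order the rules for the case asked about above, as an added example that is not part of the original post. It assumes MYBLOCK is a plain IP set, that the `multiport` and `state` matches are available alongside the `--set` syntax shown in the post, and uses the hypothetical names `IPT` and `forward_rules`.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumptions: set name MYBLOCK and the "-m set --set" syntax come from the
# post; MYBLOCK is taken to be a plain IP set; IPT and forward_rules are
# hypothetical names. By default this is a dry run that only prints the
# commands. Run with IPT=iptables (as root) to apply them.
IPT="${IPT:-echo iptables}"
SET="MYBLOCK"

# iptables walks a chain top to bottom and stops at the first rule whose
# target is ACCEPT or DROP, so the exceptions must sit above the blanket DROP.
forward_rules() {
    # 1. Outbound web traffic: packets whose destination is a listed
    #    address and whose TCP destination port is 80 or 443.
    $IPT -A FORWARD -p tcp -m set --set "$SET" dst \
         -m multiport --dports 80,443 -j ACCEPT

    # 2. Replies to those connections only: source is a listed address,
    #    source port 80 or 443, and conntrack already knows the flow.
    #    A new connection opened by a listed host never matches this rule.
    $IPT -A FORWARD -p tcp -m set --set "$SET" src \
         -m multiport --sports 80,443 -m state --state ESTABLISHED -j ACCEPT

    # 3. The poster's rule, unchanged apart from -A: everything else that
    #    matches the set is dropped.
    $IPT -A FORWARD -m set --set "$SET" src,dst -j DROP
}

forward_rules
```

With `-I` instead of `-A`, each rule goes to the top of the chain, so the same order results from inserting the DROP rule first and the two ACCEPT rules after it.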