[ale] iptables ruleset blocks external traffic... OUTPUT policy is ACCEPT

Fri May 16 16:36:42 EDT 2014

Quick follow-up.   Is there a way in iptables to redirect traffic from
non-ssl to ssl (such as 80 to 443)?  I'm already handling this with Apache,
but wondered if I could safely cut off all non-encrypted traffic this way,
or if this even makes sense.

I'm getting Bad Request after adding
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 443
and accessing content over http.

On Fri, May 16, 2014 at 3:00 PM, Jim Kinney <jim.kinney at gmail.com> wrote:

> yep! blocking the gateway will do that as well :-)
>
> Glad it's working.
>
>
> On Fri, May 16, 2014 at 2:51 PM, Adrya Stembridge <
> adrya.stembridge at gmail.com> wrote:
>
>> Got it sorted out and feel like a total newb for not seeing this earlier.
>>   I only obtain content from a single external machine. Once I added that
>> machine's IP to the INPUT ruleset, my system is able to reach/retrieve info
>> as before.
>>
>> Thanks for the help.
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>>
>
>
> --
> --
> James P. Kinney III
>
>
>
>
>
> *Every time you stop a school, you will have to build a jail. What you
> gain at one end you lose at the other. It's like feeding a dog on his own
> tail. It won't fatten the dog. - Speech 11/23/1900 Mark
> Twainhttp://heretothereideas.blogspot.com/
> <http://heretothereideas.blogspot.com/>*
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140516/d327f760/attachment.html>