# Generated by iptables-save v1.4.8 on Sat Jun 15 23:23:13 2013
*filter
:INPUT ACCEPT [35:6316]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [17:1648]
-A INPUT -p tcp -m tcp --dport 30009 -j REJECT
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 30009 -j ACCEPT
COMMIT
# Completed on Sat Jun 15 23:23:13 2013
This does not seem to work.
This is the case on the server
telnet 127.0.0.1 30009
Trying 127.0.0.1 ...
telnet: Unable to connect to remote host: Connection refused
The two lines are reversed …
iptables acts as soon as it meets a match, so the REJECT was hit first, and the following rule did not take effect.
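
The first-match behaviour described in the answer, as an added example that is not part of the original thread: a small Python model of the two posted rules, evaluated in the posted order and with the ACCEPT moved first. The parser handles only the options these two rules use, and 192.0.2.10 is a constructed sample address.

```python
import ipaddress
import shlex

# The two INPUT rules from the question, in the order posted.
POSTED = [
    "-A INPUT -p tcp -m tcp --dport 30009 -j REJECT",
    "-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 30009 -j ACCEPT",
]
# Same rules with the more specific ACCEPT moved ahead of the REJECT.
REORDERED = [POSTED[1], POSTED[0]]

FLAGS = {"-s": "src", "-p": "proto", "--dport": "dport", "-j": "target"}


def parse_rule(line):
    """Parse the iptables-save subset used above (flag/value pairs, no negation)."""
    tokens = shlex.split(line)
    rule = {"src": None, "proto": None, "dport": None, "target": None}
    for flag, value in zip(tokens[::2], tokens[1::2]):
        if flag in FLAGS:
            rule[FLAGS[flag]] = value
    return rule


def matches(rule, src, proto, dport):
    """True if the packet satisfies every condition the rule specifies."""
    if rule["src"] and ipaddress.ip_address(src) not in ipaddress.ip_network(rule["src"]):
        return False
    if rule["proto"] and rule["proto"] != proto:
        return False
    if rule["dport"] and int(rule["dport"]) != dport:
        return False
    return True


def verdict(rules, src, proto, dport, policy="ACCEPT"):
    """Return (target, rule index) of the first matching rule, else the chain policy.

    ACCEPT and REJECT are terminating targets: later rules are never consulted.
    """
    for index, line in enumerate(rules):
        rule = parse_rule(line)
        if matches(rule, src, proto, dport):
            return rule["target"], index
    return policy, None


if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("reordered", REORDERED)):
        for src in ("127.0.0.1", "192.0.2.10"):
            print(name, src, verdict(rules, src, "tcp", 30009))
```
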