I am using the following iptables rule to try allowing access to port 8080 from one IP address:
iptables -A INPUT -s 12.34.56.78 -p tcp -m tcp --dport 8080 -j ACCEPT
However, this rule isn't working. If I remove the -s 12.34.56.78 part, then it works, but it allows anyone access to port 8080 (not desired).
When I run iptables -L after applying the rule above, I get the following (which mystifies me - why won't it just display the actual IP in the source?):
root@wso-solr:/etc# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source                     destination
ACCEPT     all  --  anywhere                   anywhere
ACCEPT     tcp  --  host-12-34-56-78.host.com  anywhere            tcp dpt:http-alt
ACCEPT     tcp  --  anywhere                   anywhere            tcp dpt:ssh
ACCEPT     all  --  anywhere                   anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere                   anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source                     destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source                     destination
I'm wondering if this might be some sort of DNS oddity that causes iptables to see the wrong IP address/DNS entry for my particular server (it returns the host-ip.host.com for source instead of the IP address...).
Looks like I was using the wrong IP address. My hosting provider identified the true IP of the server upon which my VPS was residing. I entered that, and everything worked like magic!
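An added example, not part of the original post: a small first-match evaluator over a constructed `iptables -S INPUT` style listing that mirrors the rules above, showing why a connection arriving from any address other than the one in the -s rule falls through to the final DROP. The listing, the `-i lo` on the first rule, the interface name eth0 and the address 203.0.113.9 are assumptions made for illustration.

```python
import ipaddress

# Constructed listing in `iptables -S INPUT` form, mirroring the rules in the post.
# Assumption: the first "ACCEPT all" rule is loopback-only (-i lo); plain
# `iptables -L` does not print the interface column.
SAMPLE_RULES = """\
-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 12.34.56.78/32 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP
"""

# Only the match options used by the rules above are understood here.
FLAGS = {"-s": "src", "-p": "proto", "--dport": "dport",
         "-i": "iface", "--state": "state", "-j": "target"}

def first_match(listing, src, dport, proto="tcp", iface="eth0", state="NEW"):
    """Return (verdict, deciding rule) for one packet, walking rules in order."""
    policy = "ACCEPT"
    for line in listing.splitlines():
        tok = line.split()
        if tok[:1] == ["-P"]:            # chain policy applies if no rule matches
            policy = tok[2]
            continue
        if tok[:2] != ["-A", "INPUT"]:
            continue
        r = dict.fromkeys(FLAGS.values())
        r.update({FLAGS[f]: v for f, v in zip(tok, tok[1:]) if f in FLAGS})
        if r["src"] and ipaddress.ip_address(src) not in ipaddress.ip_network(r["src"]):
            continue
        if r["proto"] and r["proto"] != proto:
            continue
        if r["dport"] and int(r["dport"]) != dport:
            continue
        if r["iface"] and r["iface"] != iface:
            continue
        if r["state"] and state not in r["state"].split(","):
            continue
        return r["target"], line         # first matching rule decides
    return policy, "chain policy"

if __name__ == "__main__":
    # 203.0.113.9 is a constructed stand-in for the address the traffic really comes from.
    for src in ("12.34.56.78", "203.0.113.9"):
        print(src, first_match(SAMPLE_RULES, src, 8080))
```

On a live host, `iptables -L -n -v` prints numeric source addresses instead of reverse-DNS names and includes the interface and packet-counter columns, which shows whether the -s rule is ever being hit.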