Currently I have an application that is running on 8080 front-ended by mod_proxy.
    <Location /hudson>
        Order allow,deny
        Allow from all
        ProxyPass http://localhost:8080/hudson
        ProxyPassReverse http://localhost:8080/hudson
    </Location>

I need to block TCP 8080, but not for localhost. How can this be done with iptables?
You could try the following:
    # accept all tcp on port 8080 from localhost
    iptables -I INPUT 1 -i lo -p tcp --dport 8080 -j ACCEPT
    # [...] all your other rules
    # drop all other packets
    iptables -A INPUT -j DROP

If you also wanted to allow one (or more) external/other IPs, you can use this:

    # accept tcp on port 8080 from allowed_ip
    iptables -I INPUT 3 -i eth0 -p tcp --dport 8080 -s allowed_ip -j ACCEPT
Let me know how it goes
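
Because iptables stops at the first matching rule, the order of the ACCEPT and DROP rules above decides whether port 8080 is actually closed. The following is an added example, not part of the original answer: a small checker that walks `iptables -S INPUT` output and reports the verdict for a new TCP connection to port 8080. The function name `verdict_8080`, the interface `eth0` and the documentation addresses in the sample ruleset are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: first-match evaluation of `iptables -S INPUT` output for a NEW
# TCP packet to port 8080. Models only -i, -s (/32), -p, --dport and
# --state/--ctstate; anything else on a rule that could match yields UNKNOWN.
verdict_8080() {  # usage: verdict_8080 IFACE SRC_IP < ruleset
    awk -v iface="$1" -v src="$2" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
        ok = 1; unknown = 0; neg = 0; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "!")  { neg = 1; continue }         # negates the next match
            if ($i == "-m") { i++; continue }             # module name, e.g. "-m tcp"
            if ($i == "-j") { target = $(i + 1); break }  # target options follow -j
            opt = $i; i++
            if      (opt == "-i")                  hit = ($i == iface)
            else if (opt == "-p")                  hit = ($i == "tcp")
            else if (opt == "--dport")             hit = ($i == "8080")
            else if (opt == "-s" && $i ~ /\/32$/)  hit = ($i == (src "/32"))
            else if (opt == "--state" || opt == "--ctstate") hit = ($i ~ /(^|,)NEW(,|$)/)
            else { unknown = 1; break }                   # not modelled here
            if (hit == neg) ok = 0                        # this match failed
            neg = 0
        }
        if (!ok) next                                     # rule does not apply
        print ((unknown || target !~ /^(ACCEPT|DROP|REJECT)$/) ? "UNKNOWN" : target)
        decided = 1; exit
    }
    END { if (!decided) print (policy == "" ? "ACCEPT" : policy) }
    '
}

# Constructed ruleset in `iptables -S INPUT` format, mirroring the rules in the
# answer (203.0.113.10 stands in for allowed_ip).
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -i lo -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 203.0.113.10/32 -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -j DROP'

echo "lo:           $(printf '%s\n' "$SAMPLE_RULES" | verdict_8080 lo 127.0.0.1)"
echo "eth0 allowed: $(printf '%s\n' "$SAMPLE_RULES" | verdict_8080 eth0 203.0.113.10)"
echo "eth0 other:   $(printf '%s\n' "$SAMPLE_RULES" | verdict_8080 eth0 198.51.100.7)"
```

On a live host, feed it the real chain with `iptables -S INPUT | verdict_8080 eth0 <source address>`; an UNKNOWN result means the chain needs to be read by hand.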