Hi all,

Can somebody explain to me why, when I changed my Chain INPUT Rules from ACCEPT to DROP, I cannot browse the internet despite opening port 80 in the INPUT rule?
However, when Chain INPUT is changed to ACCEPT, browsing the internet works fine. (Note: CHAIN Output is accept for ALL)


The configurations on my IPTABLES are as follows:

Chain INPUT (policy DROP)
target     prot opt source               destination
RH-Lokkit-0-50-INPUT  all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere           tcp spt:http
ACCEPT     udp  --  anywhere             anywhere           udp spt:http

Note that my OUTPUT Rules are as follows:

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

I have two network cards installed on my PC, running Red Hat 9.0.

Routing for static routes is as follows:

xx.yy.zz.aa        0.0.0.0         255.255.255.0       U     0      0        0 eth0
xx.0.0.0           0.0.0.0         255.0.0.0           U     0      0        0 eth1
127.0.0.0          0.0.0.0         255.0.0.0           U     0      0        0 lo
0.0.0.0            zz.zz.zz.zz     0.0.0.0             UG    0      0        0 eth0
0.0.0.0            zz.zz.zz.zz     0.0.0.0             UG    0      0        0 eth1


Where zz.zz.zz.zz is my gateway to the internet.
eth0 - Interface with local address
eth1 - Interface with Internet address.

By the way, is there a way to save static routes? When I reboot my PC, all routes are lost.

Thanks for any help.

gilles