Iptables - after setting input rule in devapp01 still getting failed


In devapp01 I have created a rule for input for http, but it is still showing that it is not set. Shared the image.

Please help. If I left out anything or misunderstood, help me correct it.

Hi, @rlkrishna

Thank you, KK team is working on it.

Sorry about that. This has been fixed.

Hi, @vijin.palazhi
Thanks for the update.

The entire course is very much helpful.

Thanks a lot to all the members at kodekloud for creating such a platform for learning and interaction.


Thank you @rlkrishna for this feedback. Truly appreciated!

In step 10 of the lab, where you add the 3 servers for apt-get update usage (archive.ubuntu.com, archive.canonical.com and security.ubuntu.com), after I added all 3 to iptables OUTPUT, security.ubuntu.com would show as archive.ubuntu.com in iptables -L. I would then drop #1 and try again, same thing. I eventually just closed the lab and figured I would try it again. I also noticed when this happened, that running iptables -L would sometimes hang mid-display and then eventually finish.

Step 10 still does not work - I tried again today. After adding the three sites to allow apt usage, you will find that security.ubuntu.com is converted to archive.ubuntu.com, presumably by some IP lookup that is done by iptables. So, the check always fails. I even tried using the IP address of security.ubuntu.com, but that does not work because your check is using grep for the hostnames. I had to skip the question.


Hi,
Me too, I’m trying to set sudo iptables -I OUTPUT -p tcp -d security.ubuntu.com --dport 80 -j ACCEPT
but in iptables it appears as archive.ubuntu.com. I cannot finish this step.


Hello @mcortes
Can you please try again? I just now completed it and did not face any issue.


Hi @Tej-Singh-Rana

Now it’s working. Thanks.

For me it is still now working.
sudo iptables -I OUTPUT -d security.ubuntu.com -p tcp --dport 80 -j ACCEPT


You can see that security.ubuntu.com has been converted to archive.ubuntu.com, probably by DNS lookup.

Great @armujahid.

Thanks for sharing.

Lab assignment # 09 failed. iptables rules are added but still it shows failed. Please have a look into it.

@schimbalkar, while analyzing the screenshot it seems that you have not added the rule for security.ubuntu.com, so that validation fails.

Same issue

As you may see, both archive and security are pointing to the same IP (91.189.88.152), thus security.ubuntu.com would not be added to the OUTPUT chain and the check failed finally…
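
Added example, not part of the thread or the lab's own check: iptables stores the resolved address rather than the hostname, and `iptables -L` without `-n` reverse-resolves it for display, so grepping the listing for a hostname is unreliable when two names share an IP. The sketch below instead checks the numeric `iptables -S OUTPUT` form against each host's addresses; the function names, the sample rules and the lookup table are constructed for illustration, and the matcher only considers `-d`, `-p`, `--dport` and `-j`.

```python
import ipaddress
import shlex

# Constructed `iptables -S OUTPUT` output. -S prints the stored numeric
# addresses, so no reverse DNS lookup can rename a destination.
SAMPLE_RULES = """\
-P OUTPUT ACCEPT
-A OUTPUT -d 91.189.88.152/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A OUTPUT -d 192.0.2.10/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 80 -j DROP
"""
# Constructed lookup results: 91.189.88.152 is the shared address reported in
# the thread; the 192.0.2.x values are documentation-range placeholders.
SAMPLE_DNS = {
    "archive.ubuntu.com": ["91.189.88.152"],
    "security.ubuntu.com": ["91.189.88.152"],
    "archive.canonical.com": ["192.0.2.10"],
    "unlisted.example": ["192.0.2.99"],
}

def parse_rules(text, chain="OUTPUT"):
    """Return (network, proto, dport, target) per rule; None is a wildcard."""
    rules = []
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", chain]:
            continue
        opt = dict(zip(tok[2:], tok[3:]))  # each token mapped to its successor
        net = ipaddress.ip_network(opt["-d"], strict=False) if "-d" in opt else None
        rules.append((net, opt.get("-p"), opt.get("--dport"), opt.get("-j")))
    return rules

def verdict(rules, ip, port=80):
    """First-match target for a TCP packet to ip:port (simplified matcher)."""
    addr = ipaddress.ip_address(ip)
    for net, proto, dport, target in rules:
        if net is not None and addr not in net:
            continue
        if proto not in (None, "tcp", "all") or dport not in (None, str(port)):
            continue
        return target
    return "POLICY"  # no rule matched; the chain policy decides

def allowed_hosts(rules_text, dns, port=80):
    """Map each hostname to True when all its addresses hit an ACCEPT rule."""
    rules = parse_rules(rules_text)
    return {host: all(verdict(rules, ip, port) == "ACCEPT" for ip in ips)
            for host, ips in dns.items()}

if __name__ == "__main__":
    for host, ok in allowed_hosts(SAMPLE_RULES, SAMPLE_DNS).items():
        print(f"{host:24} {'ok' if ok else 'MISSING'}")
```

On a live host the rule text would come from `iptables -S OUTPUT` and the address lists from a resolver call such as `socket.getaddrinfo`, both run at check time.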