iptables and X (KDE)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
I'm a newbie on firewalling and I'm trying to understand how to make my Woody
box work with iptables activated and even let me start KDE.
At the present, as you can see in the attached file, I'm filtering exim and
cups in input chain (plus other ping stuff), but I'm not sure it's a good
idea. It's safe, but I've got to disable it at all to connect to the inet.
I'm not understanding if it hangs because of some strange services KDE needs
to start at the beginning and I'm not able to discover those ports and
behaviour.
I'm really needing help and suggestions about this little problem.
TIA.
Matteo
- --
Matteo Vescovi
Email: mbishops(at)tiscali(dot)it
GPG Key: http://web.tiscali.it/revese/dhc_key.asc
Fingerprint: 18CE 32E6 399B 8212 549E 1E1F C299 A22E 184C 01CA
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE++sw6wpmiLhhMAcoRAnd1AJ9tPQjtPkJbH8CzS+YYB7XwJj0HFACfaVF4
72yCCWUE2YksyP/h6wqLwtY=
=LPak
-----END PGP SIGNATURE-----
# Generated by iptables-save v1.2.6a on Sat Jun 21 20:25:11 2003
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
[0:0] -A INPUT -i lo -j ACCEPT
[0:0] -A INPUT -d 127.0.0.1 -p tcp -m tcp --dport 25 -j ACCEPT
[0:0] -A INPUT -s 127.0.0.1 -p tcp -m tcp --sport 631 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p icmp -m icmp --icmp-type 0 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p icmp -m icmp --icmp-type 3 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p icmp -m icmp --icmp-type 11 -j ACCEPT
[0:0] -A FORWARD -i ppp0 -m state --state INVALID,NEW -j DROP
[0:0] -A OUTPUT -s 192.168.1.255 -j DROP
COMMIT
# Completed on Sat Jun 21 20:25:11 2003
# Generated by iptables-save v1.2.6a on Sat Jun 21 20:25:11 2003
*nat
:PREROUTING DROP [0:0]
:POSTROUTING DROP [0:0]
:OUTPUT DROP [0:0]
[0:0] -A POSTROUTING -s 192.168.1.0 -o ppp0 -j MASQUERADE
[0:0] -A OUTPUT -s 192.168.1.255 -j DROP
COMMIT
# Completed on Sat Jun 21 20:25:11 2003
Reply to: