Re: iptables

To: debian-user@lists.debian.org
Subject: Re: iptables
From: Jiann-Ming Su <sujiannming@gmail.com>
Date: Sat, 5 Nov 2005 22:21:10 -0500
Message-id: <[🔎] 561dc3260511051921g7c73d4a9t7dd7f007f56cb914@mail.gmail.com>
In-reply-to: <[🔎] 004901c5e217$31329190$6402a8c0@breez>
References: <[🔎] 004901c5e217$31329190$6402a8c0@breez>

On 11/5/05, Roy <pict001a@yahoo.co.uk> wrote:
>
> I've been using Debian since the arrival of Sarge and found it excellent,
> compared to Mandrake.  On Mandrake I was able to configure iptables, as the
> file was located in etc/iptables, unfortunately being new to Debian i'm
> unable to find the location of iptable.
>

Put your iptables rules in a file somewhere convenient, i.e.
/etc/iptables.up.rules:

  *filter
  :INPUT DROP [0:0]
  :FORWARD DROP [0:0]
  :OUTPUT ACCEPT [0:0]
  :IN_TCP - [0:0]
  -A INPUT -i lo -j ACCEPT
  -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  -A INPUT -p tcp -m state --state NEW -j IN_TCP
  -A IN_TCP -p tcp -m tcp --dport 22 -j ACCEPT
  -A IN_TCP -j ULOG --ulog-prefix "IN_TCP cleanup: "
  -A IN_TCP -j DROP
  COMMIT

Then update /etc/network/interfaces:

  #iface eth0 inet dhcp
  iface eth0 inet static
    pre-up iptables-restore < /etc/iptables.up.rules
    address 192.168.1.10
    netmask 255.255.255.0
    gateway 192.168.1.1


--
Jiann-Ming Su
"I have to decide between two equally frightening options.
 If I wanted to do that, I'd vote." --Duckman

Reply to:

Follow-Ups:
- Re: iptables
  - From: Hugo Vanwoerkom <hvw59601@care2.com>

References:
- iptables
  - From: "Roy" <pict001a@yahoo.co.uk>

Prev by Date: Re: What's the right way to rm packages?
Next by Date: Re: What's your favourite FLOSS?
Previous by thread: Re: iptables
Next by thread: Re: iptables
Index(es):
- Date
- Thread