
IPTables and dial-up



I have finally gotten iptables set up on my system.  Basically, it is a
single-user desktop with no open services (except for CUPS listening to
127.0.0.1).

I am using a script created by "firestarter" and copied into
/etc/ppp/ip-up.d. Then, in /etc/ppp/ip-down.d/, I created a file that would
do iptables -F, -X, and then -Z.  However, I found that after disconnecting,
CUPS would hang, and nmap could not connect to localhost unless I also reset
Policies for INPUT and OUTPUT back to ACCEPT.

Is this the proper way to handle iptables?  I'm sure I need to wait until
after connecting to set it up, but then I'm not sure about what to do after
disconnect.  Is it a good idea to reset iptables right after disconnect?

Also, would it also be good to do an iptables reset at shutdown for cases
where I might shut down without disconnecting from my ISP, or does it even
matter that they are shut down?


-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
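
The teardown described in the message above, as an added example that is not part of the original post: `iptables -F` removes rules but leaves built-in chain policies untouched, so a DROP policy set at connect time keeps blocking loopback traffic until the policies are reset or loopback is explicitly allowed. The function names, the `DRY_RUN` switch and the `loopback` mode are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sketch of an /etc/ppp/ip-down.d/ script (hypothetical names).
# DRY_RUN=1 prints the iptables commands instead of running them.

ipt() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# reset_firewall accept   -> flush, then set INPUT/OUTPUT policy to ACCEPT
# reset_firewall loopback -> flush, keep existing policies, allow only lo
reset_firewall() {
    mode="${1:-accept}"
    case "$mode" in
        accept|loopback) ;;
        *) echo "unknown mode: $mode" >&2; return 2 ;;
    esac

    ipt -F || return 1   # delete all rules in the filter table
    ipt -X || return 1   # delete the now-empty user-defined chains
    ipt -Z || return 1   # zero packet and byte counters

    if [ "$mode" = accept ]; then
        # -F does not touch policies; without this a DROP policy stays active.
        ipt -P INPUT ACCEPT || return 1
        ipt -P OUTPUT ACCEPT || return 1
    else
        # Leave the policies as the ip-up script set them and permit only
        # loopback, so local services such as CUPS on 127.0.0.1 keep working.
        ipt -A INPUT -i lo -j ACCEPT || return 1
        ipt -A OUTPUT -o lo -j ACCEPT || return 1
    fi
}

# Debian's /etc/ppp/ip-down exports PPP_IFACE before running ip-down.d scripts;
# act only in that context so sourcing this file changes nothing.
if [ -n "${PPP_IFACE:-}" ]; then
    reset_firewall accept
fi
```

Running it with `DRY_RUN=1` and either mode shows the exact command sequence before anything is changed on the live system.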
