
Re: Newbie can't get firewall to quit working



Because you are not specifying tables, --flush will only flush the
default table (filter). See:

adelita:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
adelita:~# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
adelita:~# iptables --flush
adelita:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
adelita:~# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
adelita:~# iptables -t nat --flush
adelita:~# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
adelita:~#

I mean, the "nat" table, for instance, is not flushed 'til I do -t nat
--flush. I don't know, but maybe you have rules in those tables?

Regards

	Pope

On Tue, 19-11-2002 at 21:35, Miller, Jeff - x3328 wrote:
> Hi all,
> For some reason a script I wrote from an ipchains tutorial does nothing.
> When I try to get rid of it so I can get back into the machine I cannot. I'm
> doing an iptables --flush, then I set all the policies back to ACCEPT.
> Everything looks ok;
> jeffm@brains:~$ sudo iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination         
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination         
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination         
> jeffm@brains:~$ 
> 
> yet the machine is unreachable (can't even ssh to itself). Rebooting fixes
> it. What am I missing?
> Thanks,
> Jeffm
-- 
Luis Gómez Miralles
InfoEmergencias - Technical Department
Phone (+34) 654 24 01 34
Fax (+34) 963 49 31 80
lgomez@infoemergencias.com

PGP Public Key available at http://www.infoemergencias.com/lgomez.asc
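
An added example, not part of the original message: a check for what the reply above demonstrates, namely rules and policies that survive a bare `iptables --flush` in tables other than filter. It assumes `iptables-save` output on stdin (on a live host, `iptables-save | reset_commands` as root); the function names and the sample ruleset are constructed for illustration.

```shell
# Added example: find state that a bare "iptables --flush" (filter only) leaves.
# Reads iptables-save text on stdin and prints one line per finding:
#   rules  <table> <count>           table still holds -A rules
#   policy <table> <chain> <policy>  built-in chain policy is not ACCEPT
leftover_state() {
    awk '
        /^\*/     { table = substr($0, 2); next }       # "*nat" opens a table
        /^:/      { if ($2 != "ACCEPT" && $2 != "-")    # "-" marks a user chain
                        printf "policy %s %s %s\n", table, substr($1, 2), $2
                    next }
        /^-A /    { rules[table]++; next }
        /^COMMIT/ { if (rules[table] > 0)
                        printf "rules %s %d\n", table, rules[table] }
    '
}

# Turn findings into the commands that would clear them (printed, never run).
reset_commands() {
    leftover_state | while read -r kind table a b; do
        case "$kind" in
            rules)  echo "iptables -t $table -F" ;;
            policy) echo "iptables -t $table -P $a ACCEPT" ;;
        esac
    done
}

# Constructed sample: filter looks clean, nat and mangle do not.
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -j MASQUERADE
COMMIT
*mangle
:PREROUTING DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

sample_ruleset | reset_commands
```

The commands are only printed, so the output can be reviewed before anything is changed on the host.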


