Re[2]: simple iptables rules

To: debian-firewall@lists.debian.org
Subject: Re[2]: simple iptables rules
From: Léon Hagenaars <leon@hagenaars.nu>
Date: Thu, 9 Oct 2003 08:33:54 +0200
Message-id: <[🔎] 1496684112.20031009083354@hagenaars.nu>
Reply-to: Léon Hagenaars <leon@hagenaars.nu>
In-reply-to: <[🔎] 200310091133.53024.tarragon@onthe.net.au>
References: <[🔎] 200310082038.53894.rlem6983@mail.usyd.edu.au> <[🔎] 20031008160927.6d5c70ce.l13614@alunos.uevora.pt> <[🔎] 200310091133.53024.tarragon@onthe.net.au>

Thursday, October 9, 2003, 3:33:53 AM, Tarragon Allen wrote:

TA> On Thursday 09 October 2003 01:09, Tiago Fernandes wrote:
>> hi,
>>
>> i thing that this should do the trick, for you
>>
>> iptables -F
>> iptables -P INPUT DROP
>> iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT
>> iptables -A INPUT -i "ppp0 or -s external_ip" -m state --state 
>> ESTABLISHED,RELATED -j ACCEPT
>>
>> all packages related with sended packages should be accepted.

TA> You might need to add this as well :

TA> iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

TA> t
TA> -- 
TA> GPG: http://n12turbo.com/tarragon/public.key

I don't think te "iptables -A OUTPUT" line is needed, as the default policy is
ACCEPT and I don't see anything has changed in the OUTPUT of iptables.

-- 
Best regards,
 Léon                            mailto:leon@hagenaars.nu

Reply to:

Follow-Ups:
- Re: Re[2]: simple iptables rules
  - From: Tarragon Allen <tarragon@onthe.net.au>
- Netwolves
  - From: "asrap" <asrap@hotmail.com>

References:
- simple iptables rules
  - From: Renai <rlem6983@mail.usyd.edu.au>
- Re: simple iptables rules
  - From: Tiago Fernandes <l13614@alunos.uevora.pt>
- Re: simple iptables rules
  - From: Tarragon Allen <tarragon@onthe.net.au>

Prev by Date: Re: ICMP drop.
Next by Date: Re: ICMP drop.
Previous by thread: Re: simple iptables rules
Next by thread: Re: Re[2]: simple iptables rules
Index(es):
- Date
- Thread