Re: iptables - I don't get it working
Hi Joerg,
I don't quite understand your script (I'm not an expert though).
Something that worked very well for me can be found at
http://www.seligma.com/linux-user/firewalls/ .
For further information, see also http://www.netfilter.org/unreliable-guides/ .
On Tue, Oct 14, 2003 at 01:30:12PM +0200, Joerg Johannes wrote:
> Hi everybody
>
> I have configured my kernel with iptables enabled:
> # IP: Netfilter Configuration
> # CONFIG_IP_NF_CONNTRACK is not set
> # CONFIG_IP_NF_QUEUE is not set
> CONFIG_IP_NF_IPTABLES=y
> CONFIG_IP_NF_MATCH_LIMIT=m
> CONFIG_IP_NF_MATCH_MAC=m
> CONFIG_IP_NF_MATCH_PKTTYPE=m
> CONFIG_IP_NF_MATCH_MARK=m
> CONFIG_IP_NF_MATCH_MULTIPORT=m
> CONFIG_IP_NF_MATCH_TOS=m
> CONFIG_IP_NF_MATCH_RECENT=m
> CONFIG_IP_NF_MATCH_ECN=m
> CONFIG_IP_NF_MATCH_DSCP=m
> CONFIG_IP_NF_MATCH_AH_ESP=m
> CONFIG_IP_NF_MATCH_LENGTH=m
> CONFIG_IP_NF_MATCH_TTL=m
> CONFIG_IP_NF_MATCH_TCPMSS=m
> CONFIG_IP_NF_MATCH_UNCLEAN=m
> CONFIG_IP_NF_MATCH_OWNER=m
> CONFIG_IP_NF_FILTER=m
> CONFIG_IP_NF_TARGET_REJECT=m
> CONFIG_IP_NF_TARGET_MIRROR=m
> CONFIG_IP_NF_MANGLE=m
> CONFIG_IP_NF_TARGET_TOS=m
> CONFIG_IP_NF_TARGET_ECN=m
> CONFIG_IP_NF_TARGET_DSCP=m
> CONFIG_IP_NF_TARGET_MARK=m
> CONFIG_IP_NF_TARGET_LOG=m
> CONFIG_IP_NF_TARGET_ULOG=m
> CONFIG_IP_NF_TARGET_TCPMSS=m
> CONFIG_IP_NF_ARPTABLES=m
> CONFIG_IP_NF_ARPFILTER=m
> CONFIG_IP_NF_ARP_MANGLE=m
>
> Then I went to
> http://www.lowth.com/LinWiz/1.09/PersonalFirewall/fw.pl/iptables
> and accepted the default settings, downloaded the generated shell script
> and ran it. Afterwards, I could not surf the web anymore, could not get
> emails with pop / send with smtp => all the net was dead. I have
> attached the script, maybe some experts can tell me what to do.
>
> Thanks,
> joerg
>
> --
> Gib GATES keine Chance!
>
>
Viele Grüße
--
Joachim Fahnenmüller
# Hi! I'm a .signature virus. Copy me into
# your ~/.signature to help me spread!
Reply to: