
iptables filter rules Question??




Hello:

I am having difficulties getting my firewall rules to behave correctly or
at least as I want them to...

This is my rule set:

1 iptables -P INPUT DROP
2 iptables -A INPUT -p icmp -j ACCEPT
3 iptables -A INPUT -i lo -j ACCEPT
4 iptables -A INPUT -i ppp0 -p tcp --dport 22 -j ACCEPT
5 iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
6 iptables -A INPUT -i ppp0 -p tcp -j REJECT --reject-with tcp-reset
7 iptables -A INPUT -i ppp0 -p udp -j REJECT
8 iptables -A INPUT -i ppp0 -j REJECT --reject-with icmp-proto-unreachable

9  iptables -P FORWARD DROP
10 iptables -P OUTPUT ACCEPT

*********************************************************

1.) Line number five does not work, iptables complains when I issue that
rule.

2.) The functionality I want from my firewall rule set is:

      Deny all incoming traffic except, port 22 ssh and allow pings

      Allow all outgoing traffic, as well as, it should be able to come
      back in if it originated from my box

The above rule set did work when I had an ethernet connection on a
different network, but when I changed to dialup, I have problems getting
these to work.

Thanks for the information and help.

Brian
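
An added example, not part of Brian's post: a small Python model of first-match evaluation over the INPUT chain as posted, showing which rule decides a few constructed packets and what happens to return traffic if rule 5 is refused while the other rules are appended. The packet dictionaries and the names `matches`, `verdict`, `PACKETS` and `WITHOUT_RULE_5` are assumptions for illustration; on a real system the state label comes from the kernel's connection tracking.

```python
# Model of the INPUT chain from the post; rule numbers follow the post.
# A key missing from a rule's match is a wildcard. Packets are constructed samples.
RULES = [
    (2, {"proto": "icmp"}, "ACCEPT"),
    (3, {"iface": "lo"}, "ACCEPT"),
    (4, {"iface": "ppp0", "proto": "tcp", "dport": 22}, "ACCEPT"),
    (5, {"iface": "ppp0", "state": ("ESTABLISHED", "RELATED")}, "ACCEPT"),
    (6, {"iface": "ppp0", "proto": "tcp"}, "REJECT tcp-reset"),
    (7, {"iface": "ppp0", "proto": "udp"}, "REJECT"),
    (8, {"iface": "ppp0"}, "REJECT icmp-proto-unreachable"),
]
POLICY = (1, "DROP")  # rule 1: iptables -P INPUT DROP


def matches(match, pkt):
    """True if every criterion in the rule matches the packet."""
    for key, want in match.items():
        have = pkt.get(key)
        ok = have in want if isinstance(want, tuple) else have == want
        if not ok:
            return False
    return True


def verdict(pkt, rules=RULES):
    """Return (rule number, target) of the first matching rule, else the policy."""
    for num, match, target in rules:
        if matches(match, pkt):
            return num, target
    return POLICY


# Constructed packets arriving on the dial-up interface (state as conntrack would label it).
PACKETS = {
    "new ssh": {"iface": "ppp0", "proto": "tcp", "dport": 22, "state": "NEW"},
    "ping": {"iface": "ppp0", "proto": "icmp", "state": "NEW"},
    "web reply": {"iface": "ppp0", "proto": "tcp", "dport": 40000, "state": "ESTABLISHED"},
    "dns reply": {"iface": "ppp0", "proto": "udp", "dport": 40001, "state": "ESTABLISHED"},
    "new telnet": {"iface": "ppp0", "proto": "tcp", "dport": 23, "state": "NEW"},
}

# Scenario assumed here: rule 5 was refused by iptables, the other rules were appended.
WITHOUT_RULE_5 = [r for r in RULES if r[0] != 5]

if __name__ == "__main__":
    for name, pkt in PACKETS.items():
        print(f"{name:11} full={verdict(pkt)} without_rule_5={verdict(pkt, WITHOUT_RULE_5)}")
```

With rule 5 absent, replies to connections opened from the box fall through to rules 6 and 7 and are rejected, while new SSH and ping are still accepted by rules 4 and 2.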




