
Re: Iptables




On Jun 27, 2014 8:14 AM, "Diogene Laerce" <me_buss777@yahoo.fr> wrote:
>

> iptables -A INPUT -i eth0 -p udp -s 192.168.0.2/32 -d 192.168.0.1 --dport 137 -j ACCEPT
> iptables -A INPUT -i eth0 -p udp -s 192.168.0.2/32 -d 192.168.0.1 --dport 138 -j ACCEPT
> iptables -A INPUT -i eth0 -m state --state NEW,ESTABLISHED -p tcp -s 192.168.0.2/32 -d 192.168.0.1 --dport 139 -j ACCEPT
> iptables -A INPUT -i eth0 -m state --state NEW,ESTABLISHED -p tcp -s 192.168.0.2/32 -d 192.168.0.1 --dport 445 -j ACCEPT
>

> Any clue ?
>

Clues, sure. It probably doesn't matter but establishing state in the middle of your rules looks weird. Second, don't silently drop stuff - make a log and drop chain. Last (probably your issue) is you're filtering out broadcasts. But if you log your drops, that'll be very apparent.
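
The three points in the reply above (state matching first, a log-and-drop chain, NetBIOS broadcasts), as an added example that is not part of the original thread: a shell function that prints an `iptables-restore` ruleset for the same host pair. The /24 netmask (hence broadcast 192.168.0.255), the default-drop policies, the rate limit and the chain name `LOGDROP` are assumptions, not values from the posts.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it applies nothing itself.
# Assumptions (not from the thread): a /24 network, so the directed broadcast
# is 192.168.0.255; default-drop INPUT policy; hypothetical chain name LOGDROP.

smb_ruleset() {
    # $1 interface, $2 server IP, $3 client IP, $4 directed broadcast address
    iface=$1 srv=$2 cli=$3 bcast=$4
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    # NetBIOS name (137) and datagram (138) traffic arrives both as unicast
    # to the server and as subnet broadcast, so accept both destinations.
    for dst in "$srv" "$bcast"; do
        for port in 137 138; do
            echo "-A INPUT -i $iface -p udp -s $cli -d $dst --dport $port -j ACCEPT"
        done
    done
    # NetBIOS session (139) and SMB (445): unicast TCP, new connections only;
    # later packets match the ESTABLISHED rule at the top.
    for port in 139 445; do
        echo "-A INPUT -i $iface -p tcp -s $cli -d $srv --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Everything else is logged (rate-limited) before it is dropped.
    cat <<EOF
-A INPUT -j LOGDROP
-A LOGDROP -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "INPUT-DROP: "
-A LOGDROP -j DROP
COMMIT
EOF
}

# Addresses from the quoted rules; the broadcast address is the assumed one.
smb_ruleset eth0 192.168.0.1 192.168.0.2 192.168.0.255
```

Pipe the output through `iptables-restore --test` to have it parsed without being committed; a real load replaces the whole filter table. The `INPUT-DROP: ` prefix then shows up in the kernel log for each dropped packet, including any broadcast the accept rules missed.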

