Simple iptables table doesn't let me forward X windows

To: debian-user@lists.debian.org
Subject: Simple iptables table doesn't let me forward X windows
From: Jason <electron@emypeople.net>
Date: Sat, 20 Jan 2018 12:13:12 -0600
Message-id: <[🔎] 20180120181312.GA10695@emypeople.net>
Mail-followup-to: debian-user@lists.debian.org

Hi,

I am trying to setup (what should be) a simple iptables table between
two machines on a local network, both with static IP addresses. The
machine I want to set up the iptables on is a headless server which I
access using ssh. I want to cut off all communications except with the
machine I ssh from. What I did works except when I try to run a GUI
program on the server to display locally, after a pause I get
something like:

	Geany: cannot open display
or
	xterm: Xt error: Can't open display: localhost:10.0

both of which work before I run the iptables commands.

Here's what I did (000.000.000.000 is substituted for actual IP
address of client machine):

$ sudo iptables -A INPUT -s 000.000.000.000 -j ACCEPT
$ sudo iptables -A OUTPUT -d 000.000.000.000 -j ACCEPT
$ sudo iptables -P INPUT DROP
$ sudo iptables -P OUTPUT DROP

I also tried to add

$ sudo iptables -A INPUT -i lo -j ACCEPT

without success.

What do I need to do to get X forwarding to work?

Thanks!
-- 
Jason

Reply to:

Follow-Ups:
- Re: Simple iptables table doesn't let me forward X windows
  - From: Pascal Hambourg <pascal@plouf.fr.eu.org>
- Re: Simple iptables table doesn't let me forward X windows
  - From: Joe <joe@jretrading.com>

Prev by Date: Configuring WebHTTrack as I WANT
Next by Date: Re: Network setup by installer
Previous by thread: Re: Configuring WebHTTrack as I WANT
Next by thread: Re: Simple iptables table doesn't let me forward X windows
Index(es):
- Date
- Thread