Hello Guys,
recently I have been working on iptables and trying to understand how to use it. Here's a little script I have written to setup a basic firewall for myself:
Code:
#!/bin/bash
if [ `id -u` -ne 0 ]; then
echo "You need root privilege"
exit 1
fi
PROG=/sbin/iptables
$PROG -F
function sethttp {
echo "Opening http port..."
$PROG -A INPUT -p tcp --dport 80 -j ACCEPT
}
function sethttps {
echo "Opening https port..."
$PROG -A INPUT -p tcp --dport 443 -j ACCEPT
}
function settorrent {
echo "Opening torrent port..."
$PROG -A INPUT -p tcp --dport 52413 -j ACCEPT
}
while getopts "hst" option; do
case "$option" in
h) sethttp;;
s) sethttps;;
t) settorrent;;
*) echo "DOH!"
esac
done
$PROG -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$PROG -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$PROG -A INPUT -i lo -j ACCEPT
$PROG -A OUTPUT -o lo -j ACCEPT
$PROG -A INPUT -j DROP
$PROG -A FORWARD -j REJECT
echo "Done setting up the firewall! Enjoy :)"
exit 0
OK, this can take 3 arguments that open ports 80, 443 and 52413. And at the end, some default rules are applied. But here's the thing I don't understand:
if I don't give the argument for port 80, I can still view web pages... and also, when I remove the line:
Code:
$PROG -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Whether I say it to open port 80 or not, I can't view any web pages.
Would you please tell me what's the deal with that line?
Thanks
, but I think the key is in the "established,related" part... Do note that the order (sequence) of rules applied matters! IPtables will apply the first rule that matches the incomming pattern, disgarding the rest of the chain.
