Old 07-09-2005, 10:07 PM   #1
gizza23
Member
 
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Rep: Reputation: 31
iptables chain modification


There's this persistent part of my INPUT chain that will not go away.
Code:
ACCEPT     all  --  anywhere             anywhere
Does anyone have any clue how to get rid of such a general rule?
 
Old 07-09-2005, 10:52 PM   #2
Sharaz
Member
 
Registered: Jun 2005
Location: Dallas, TX
Distribution: Fedora 11,12, RedHat4,6, CentOS4,5, FreeBSD7,8
Posts: 70

Rep: Reputation: 16
Is that the only rule in there? Take a look at the file /etc/sysconfig/iptables. I think you can just omit the offending line. Or, if you have no other rules, you can just:

iptables -F
or
iptables -F INPUT

and wipe them so you can start over.

Me personally, I write my own firewall scripts for my boxes, and they all begin with:

Code:
#!/bin/bash
iptables --flush
# Set Default Policy for INPUT Chain
iptables -P INPUT DROP
# Allow Related and Established Traffic
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow from Localhost, and ICMP from local LAN
iptables -A INPUT -p icmp -s 192.168.0.0/16 -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT

Last edited by Sharaz; 07-09-2005 at 10:58 PM.
 
Old 07-10-2005, 06:45 AM   #3
gizza23
Member
 
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Original Poster
Rep: Reputation: 31

Thanks for the help! I did end up deleting that particular line from the INPUT chain (it was the third). There is one thing that I found interesting about your iptables shell. It allows pings from within your network. I'll want to use that later on. So thanks + 1!
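
Added example (not part of the thread): a non-verbose `iptables -L` prints both `-A INPUT -j ACCEPT` and `-A INPUT -i lo -j ACCEPT` as `ACCEPT all -- anywhere anywhere`, so this shell sketch classifies such rules from `iptables -S INPUT` output and reports the position that `iptables -D INPUT <n>` takes. The rule set in `SAMPLE_RULES` is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit `iptables -S INPUT` output for catch-all ACCEPT rules.
# SAMPLE_RULES is constructed for illustration; on a live host, pipe the
# output of `iptables -S INPUT` (run as root) into audit_accept_all instead.

SAMPLE_RULES='-P INPUT DROP
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.0.0/16 -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j ACCEPT'

# Reads rule specs on stdin. For every ACCEPT rule that a non-verbose
# `iptables -L` would show as "ACCEPT all -- anywhere anywhere", prints:
#   <position> <verdict> <rule>
# position is the rule number that `iptables -D INPUT <position>` expects.
# verdict is "interface-only" (restricted by -i/-o, e.g. loopback) or
# "open" (no match criteria at all, so it accepts every packet).
audit_accept_all() {
    awk '
    $1 != "-A" { next }                      # skip policy (-P) lines
    {
        pos++
        if ($(NF-1) != "-j" || $NF != "ACCEPT") next
        narrowed = 0; iface = 0
        for (i = 3; i < NF - 1; i++) {
            if ($i == "-i" || $i == "-o") iface = 1
            else if ($i ~ /^(-s|-d|-p|-m)$/) narrowed = 1
        }
        if (narrowed) next                   # has address/protocol/match
        print pos, (iface ? "interface-only" : "open"), $0
    }'
}

# Position of the first rule with no match criteria at all; empty if none.
first_open_rule() {
    audit_accept_all | awk '$2 == "open" { print $1; exit }'
}

# Demo on the constructed rule set.
printf '%s\n' "$SAMPLE_RULES" | audit_accept_all
```

On a live host, `iptables -L INPUT -n -v --line-numbers` shows the same distinction through its in/out interface columns, along with the rule positions.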
 
  

