LinuxQuestions.org


ninjaz 10-20-2005 06:01 AM

iptables firewall
 
I have a NAT set up on my Linux box and now I'm trying to get the firewall working. What I want is for the firewall to block everything and then punch holes for the different services that are running. When I do this, though, it seems to block everything, even the services that I have running (i.e. my web server). The output from my tables is:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spt:10000
ACCEPT tcp -- anywhere anywhere tcp spt:http
ACCEPT tcp -- anywhere anywhere tcp spt:domain
ACCEPT udp -- anywhere anywhere udp spt:domain
ACCEPT tcp -- anywhere anywhere tcp spt:ssh
DROP all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Thanks,
Jason

ninjaz 10-20-2005 08:21 AM

I am also getting an error message every time I apply new settings:
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: raw filter mangle nat [FAILED]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]

iron_death 10-20-2005 10:19 AM

Re: iptables firewall
 
To block all incoming traffic, you must set the default input policy to DROP.

Code:

# iptables -P INPUT DROP
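
The default-DROP approach from the reply above, as an added example that is not part of the original thread. It goes beyond the reply by keying the holes on destination port: the listing in the first post matches `spt` (source port), which an inbound connection to a local service does not carry. It assumes ssh, http, DNS and port 10000 are services listening on this box; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: ssh, http, DNS and port 10000
# are services listening on this box, so inbound packets to them carry those
# numbers as the DESTINATION port.

# INPUT rules copied from the listing in the first post.
POSTED_RULES='ACCEPT tcp -- anywhere anywhere tcp spt:10000
ACCEPT tcp -- anywhere anywhere tcp spt:http
ACCEPT tcp -- anywhere anywhere tcp spt:domain
ACCEPT udp -- anywhere anywhere udp spt:domain
ACCEPT tcp -- anywhere anywhere tcp spt:ssh
DROP all -- anywhere anywhere'

# Count ACCEPT rules in a listing that match on source port (spt:).
count_spt_accepts() {
    printf '%s\n' "$1" | awk '$1 == "ACCEPT" && /spt:/ { n++ } END { print n + 0 }'
}

TCP_PORTS="22 80 53 10000"   # ssh, http, domain, 10000
UDP_PORTS="53"               # domain

# Emit a filter table in iptables-restore format: INPUT policy DROP, holes keyed
# on destination port. Printing instead of applying keeps it reviewable.
gen_rules() {
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD ACCEPT [0:0]"   # left as in the posted listing
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    # Replies to connections this host opened itself.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for p in $TCP_PORTS; do
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $UDP_PORTS; do
        echo "-A INPUT -p udp --dport $p -j ACCEPT"
    done
    echo "COMMIT"
}

echo "source-port ACCEPT rules in posted listing: $(count_spt_accepts "$POSTED_RULES")"
gen_rules
```

Pipe the output of `gen_rules` into `iptables-restore --test` to parse it without committing, then into `iptables-restore` to load it.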

