Old 08-24-2006, 11:57 AM   #1
trewsfan
LQ Newbie
 
Registered: Jul 2005
Posts: 13

Rep: Reputation: 0
iptables -- How do I enable the input chain?


I have a CentOS 4.3 internet gateway which wouldn't boot up recently. I reinstalled CentOS 4.3 and restored a backup copy of the iptables rules, but for some reason the INPUT chain isn't handling any packets. Is there a switch somewhere that needs to be set before it starts doing its thing?

PREVIOUS:
[tyler@gateway ~]$ sudo /sbin/iptables -t filter -L -v
Password:
Chain INPUT (policy DROP 8252 packets, 1703K bytes)
pkts bytes target prot opt in out source destination
.blah
.blah
.blah

CURRENT:
[root@gateway named]# /sbin/iptables -t filter -L -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
.blah
.blah
.blah

See the zeros there? That doesn't look right to me.
 
Old 08-24-2006, 12:34 PM   #2
w3bd3vil
Senior Member
 
Registered: Jun 2006
Location: Hyderabad, India
Distribution: Fedora
Posts: 1,189

Rep: Reputation: 49
Have you enabled iptables?
chkconfig --list iptables
 
Old 08-24-2006, 12:53 PM   #3
trewsfan
LQ Newbie
 
Registered: Jul 2005
Posts: 13

Original Poster
Rep: Reputation: 0
Yes, the iptables service is running:

[root@gateway ~]# chkconfig --list iptables
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@gateway ~]#

The FORWARD and OUTPUT chains are showing packets and bytes being processed. In order to get the FORWARD chain working I had to modify the /etc/sysctl.conf file to include this:

net.ipv4.ip_forward = 1

Maybe there's a similar option for the INPUT chain? I read the sysctl man pages but it didn't say, so I'm googling it now...
 
Old 08-25-2006, 05:54 AM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371
there's no option equivalent to net.ipv4.ip_forward for the INPUT chain...

please post your complete output for:
Code:
iptables -L -v -n
my guess is that you have no INPUT rules to allow any packets...
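
Added example, not part of the original thread: the packet count in a `Chain INPUT (policy DROP ...)` header only counts packets that reached the end of the chain and were handled by the policy, so a zero there can also mean every packet matched a rule first. This shell function summarises an `iptables -L -v -n` listing per chain to tell the cases apart. The function name `chain_summary` and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `iptables -L -v -n` output (not taken from the thread).
SAMPLE='Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  120  9600 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
 8100 1650K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED

Chain FORWARD (policy DROP 12 packets, 720 bytes)
 pkts bytes target     prot opt in     out     source               destination
 5000  400K ACCEPT     all  --  eth1   eth0    0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
'

# chain_summary (hypothetical helper): reads a listing on stdin and prints
#   CHAIN POLICY policy_hits rule_hits rule_count verdict
chain_summary() {
  awk '
    # Without -x, large counters are rounded and shown with K/M/G suffixes.
    function num(s,  m) {
      m = 1
      if (s ~ /K$/) m = 1000
      else if (s ~ /M$/) m = 1000000
      else if (s ~ /G$/) m = 1000000000
      sub(/[KMG]$/, "", s); return s * m
    }
    function emit() {
      if (chain == "") return
      if (pol_hits > 0)       v = "fell-through-to-policy"
      else if (rule_hits > 0) v = "all-matched-by-rules"
      else                    v = "no-packets-counted"
      printf "%s %s %d %d %d %s\n", chain, policy, pol_hits, rule_hits, rules, v
      chain = ""
    }
    /^Chain .* \(policy / {
      emit()
      chain = $2; policy = $4; pol_hits = num($5); rule_hits = 0; rules = 0
      next
    }
    /^Chain / { emit(); next }   # user-defined chain: has no policy, skip it
    chain != "" && $1 ~ /^[0-9]+[KMG]?$/ { rule_hits += num($1); rules++ }
    END { emit() }
  '
}

printf '%s' "$SAMPLE" | chain_summary
```

On a live system the input would come from `iptables -L -v -n -x`, where `-x` prints exact counters instead of rounded ones.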
 
  


All times are GMT -5.