LinuxQuestions.org
11-03-2003, 02:52 PM   #1
arong

my rules

Hello,

These are rules given to the kernel by the iptables tool, but I would like to convert them into command lines, each of them, like for instance:

iptables -A INPUT -s 127.0.0.1 -p tcp -j DROP

Can you help me figure them out?

Code:
iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
REJECT     tcp  --  anywhere             anywhere             tcp dpts:!tcpmux:1024 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             tcp dpts:tcpmux:1024
ACCEPT     tcp  --  anywhere             anywhere             tcp spts:tcpmux:1024
ACCEPT     tcp  --  anywhere             ftp.films.it
ACCEPT     tcp  --  ftp.fimls.it         anywhere
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


Thanks
 
11-03-2003, 03:18 PM   #2
Rab22

You want them to load as like single commands when the box boots up? Well that's not too bad. Here is a quick way of doing it.

First edit your /etc/rc.d/rc.local file and put a line in there like "/root/iptables_script" or something (whatever you want to call the file that'll hold the commands and the path to that file).

Then go to that path (like in my example it's /root/iptables_script) and create a new file "vi iptables_script" or any other editor of your choice.

You'll first need to flush the rules out (sorry I'm at school and I don't fully remember the full syntax but this should get ya started) like:
Code:
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
From here you can then put your own rules and such. After you are done save the file and exit the editor.

Use "chmod" to change the permissions to "700" (for read, write, exec):
Code:
chmod 700 /root/iptables_script
Okay now just reload the rc.local file by doing
Code:
/root/iptables_script
There ya go....you should now be able to do "iptables --list" and see all the rules you applied. If you don't want this to run at start up you can just simply take the "/root/iptables_script" line out of the rc.local. Doing this would mean you'd have to invoke your own exec of the file to change the rules. (You may want to write many different files and depending on what type of internet traffic you'll be using you can run that script and then have it after so long rerun the other script).

Good luck
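
The command-line form of the `iptables -L` listing in the first post, written as the kind of script the reply describes (an added example, not part of either post). It assumes the rules carry no interface matches, which plain `iptables -L` does not display, and uses the current `! --dport` negation syntax; the `IPT` variable and the `load_rules` function are names introduced here.

```sh
#!/bin/sh
# Dry run by default: IPT only echoes each command. Run with IPT=iptables
# (as root) to actually load the rules.
IPT="${IPT:-echo iptables}"

load_rules() {
    # Start from empty chains, as in the reply above.
    $IPT -F INPUT
    $IPT -F OUTPUT
    $IPT -F FORWARD

    # INPUT: reject new TCP connections (SYN set, RST and ACK clear)
    # to any destination port outside 1-1024 (tcpmux is port 1).
    $IPT -A INPUT -p tcp ! --dport 1:1024 --tcp-flags SYN,RST,ACK SYN \
        -j REJECT --reject-with icmp-port-unreachable

    # FORWARD: rules are checked in order and the first match decides,
    # so the catch-all REJECT has to stay last.
    $IPT -A FORWARD -p tcp --dport 1:1024 -j ACCEPT
    $IPT -A FORWARD -p tcp --sport 1:1024 -j ACCEPT
    # Host names are copied from the listing as posted. -L prints
    # reverse-DNS names; "iptables -L -n" shows the numeric addresses.
    $IPT -A FORWARD -p tcp -d ftp.films.it -j ACCEPT
    $IPT -A FORWARD -p tcp -s ftp.fimls.it -j ACCEPT
    $IPT -A FORWARD -j REJECT --reject-with icmp-port-unreachable

    # OUTPUT has no rules; all three chains keep policy ACCEPT.
    $IPT -P INPUT ACCEPT
    $IPT -P FORWARD ACCEPT
    $IPT -P OUTPUT ACCEPT
}

load_rules
```

On a running system, `iptables-save` prints the loaded rules directly in this command syntax, including interface matches that `iptables -L` hides unless `-v` is given.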
All times are GMT -5.