LinuxQuestions.org
Old 12-28-2005, 11:03 AM   #1
Dmjmusser
Member
 
Registered: Nov 2005
Location: Detroit, Michigan -- USA
Distribution: Fedora Core
Posts: 90

Rep: Reputation: 15
How do I edit Iptables?


Iptables is preventing me from using a monitoring service called Nagios to monitor local services (processes, disk space) on a remote host. The reason is that the Iptables on this remote host are set to only allow traffic through on port 25, and I need to dedicate another port to allow this traffic through (specifically, I'd like to use 5666). Additionally, I'd like for this remote host to only allow traffic on that port from machines on the company LAN. I'm just not sure how to go about doing this; I don't even know what commands I would use to get this started. Any help would be so greatly appreciated.

~Myles
 
Old 12-28-2005, 11:21 AM   #2
tuxrules
Senior Member
 
Registered: Jun 2004
Location: Chicago
Distribution: Slackware64 -current
Posts: 1,144

Rep: Reputation: 56
Quote:
Originally Posted by Dmjmusser
Iptables is preventing me from using a monitoring service called Nagios to monitor local services (processes, disk space) on a remote host. The reason is that the Iptables on this remote host are set to only allow traffic through on port 25, and I need to dedicate another port to allow this traffic through (specifically, I'd like to use 5666). Additionally, I'd like for this remote host to only allow traffic on that port from machines on the company LAN. I'm just not sure how to go about doing this; I don't even know what commands I would use to get this started. Any help would be so greatly appreciated.

~Myles
Do you use a gui or script to run iptables? What protocol does your monitoring service use?

I am assuming you use tcp. If you are using a script you can add something like this in your script.

Code:
# Allow inbound TCP 5666 from the LAN on eth0
/usr/sbin/iptables -A INPUT -i eth0 -p tcp -s 192.168.1.0/24 --dport 5666 -j ACCEPT
# Allow replies from port 5666 back out to the LAN
/usr/sbin/iptables -A OUTPUT -o eth0 -p tcp --sport 5666 -d 192.168.1.0/24 -j ACCEPT
Obviously, you have to replace eth0 with whatever your interface is. Also, you would have to replace the network address to fit what you have.

Last edited by tuxrules; 12-28-2005 at 11:22 AM.
 
Old 12-29-2005, 11:22 AM   #3
Dmjmusser
Member
 
Registered: Nov 2005
Location: Detroit, Michigan -- USA
Distribution: Fedora Core
Posts: 90

Original Poster
Rep: Reputation: 15
Okay, I entered in those commands (well, modified a bit to fit my circumstances). Do I need to do something that will cause this new rule to take effect? After I added the rule, I executed iptables -L, but the new rule does not show there.

-Myles
 
Old 12-29-2005, 12:54 PM   #4
Dmjmusser
Member
 
Registered: Nov 2005
Location: Detroit, Michigan -- USA
Distribution: Fedora Core
Posts: 90

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by Dmjmusser
Okay, I entered in those commands (well, modified a bit to fit my circumstances). Do I need to do something that will cause this new rule to take effect? After I added the rule, I executed iptables -L, but the new rule does not show there.

-Myles
Hah...forget it, I figured out how to restart Iptables. But the rule I entered didn't stick. I wonder why. Mayhap I should post it and someone can help me troubleshoot?

~Myles
 
Old 12-29-2005, 02:07 PM   #5
ssfrstlstnm
Member
 
Registered: Dec 2004
Location: IN, USA
Distribution: debian etch
Posts: 402

Rep: Reputation: 30
Shorewall = iptables made easy (not that it was that hard to begin with)
 
Old 12-29-2005, 02:20 PM   #6
wrj
Member
 
Registered: Aug 2003
Location: Canada/US
Distribution: Ubuntu, Arch
Posts: 84

Rep: Reputation: 15
Try iptables-save to write it to the file Fedora uses. I don't know which file it is because I've never used Fedora, but I'm sure others can help you with that.

"man iptables-save" for more info
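
An added example, not written by any poster in this thread: a shell check over iptables-save output that reports whether an ACCEPT for TCP port 5666 exists in INPUT and whether a catch-all REJECT/DROP sits ahead of it, which is what happens when -A appends to a ruleset that already ends in a reject. Both rulesets are constructed samples; it assumes Fedora's iptables init script, where `service iptables save` writes the running rules to /etc/sysconfig/iptables so they survive a restart.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for the Nagios rule on port 5666.
# Feed it real data with:  iptables-save | check_port_rule 5666   (as root)

# Constructed sample: rule appended with -A, landing after a catch-all REJECT.
SAMPLE_SHADOWED='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 5666 -j ACCEPT
COMMIT'

# Constructed sample: the same rule placed ahead of the REJECT.
SAMPLE_OK='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 5666 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# Usage: check_port_rule PORT < dump   -> prints ok | shadowed | missing
check_port_rule() {
    awk -v port="$1" '
        $1 == "-A" && $2 == "INPUT" {
            n++                                   # position within INPUT
            if ($0 ~ ("--dport " port "( |$)") && $0 ~ /-j ACCEPT/) {
                if (!hit) hit = n                 # first ACCEPT for the port
            } else if (!blk && $0 ~ /^-A INPUT -j (REJECT|DROP)/) {
                blk = n                           # first unconditional block
            }
        }
        END {
            if (!hit) print "missing"
            else if (blk && blk < hit) print "shadowed"
            else print "ok"
        }'
}

printf '%s\n' "$SAMPLE_SHADOWED" | check_port_rule 5666
```

A "missing" result after a restart means the rule was never saved; "shadowed" means it was saved but sits below a rule that rejects everything, so it needs to be inserted (-I) above that rule rather than appended.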
 
  

