LinuxQuestions.org
Old 04-06-2009, 11:41 AM   #1
lanesi
LQ Newbie
 
Registered: Apr 2009
Posts: 3

Rep: Reputation: 0
Simple problem with IPTABLES


Hello friends,

I'm having big trouble because I'm new to Linux and know almost nothing about IPTABLES.
Well, I'd like to open some ports, and looking through the net I found a post teaching it step by step. I followed what it said, but I stopped at an error that I think is pretty simple. Here we go:
My steps:

1) Open file /etc/sysconfig/iptables:
Code:
# vi /etc/sysconfig/iptables
(the file was empty)

2) My file is like this:
Code:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8767 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 8767 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 51234 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 51234 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 14534 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 14534 -j ACCEPT
I think that it's possible that I'm missing something here.

3) Save and close the file. Restart iptables:
Code:
# /etc/init.d/iptables restart
4) I got the following error:
Code:
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: mangle filter nat         [  OK  ]
Applying iptables firewall rules: iptables-restore: line 1 failed
                                                           [FAILED]
What can I do to get past that?

Thanks

Leandro Anesi
 
Old 04-06-2009, 12:31 PM   #2
saagar
Member
 
Registered: Jul 2008
Location: Chennai, India
Distribution: RHEL5, Ubuntu
Posts: 191

Rep: Reputation: 37
Try this:
1. iptables -F (flush all the contents)
2. service iptables save
3. service iptables restart

<the above 3 steps will flush off all the contents previously stored>

4. Now start writing your rule,
e.g. to block ssh to your server:

iptables -A INPUT -s <source address> -p tcp --dport 22 -j REJECT
iptables -A INPUT -s <source address> -p udp --dport 22 -j REJECT

5. Now list the written rule in the tables:
iptables -L
6. If correct, save it to /etc/sysconfig/iptables with the following command:

service iptables save
7. Now, we need to restart the service:

service iptables restart
chkconfig iptables on

8. Hope this helps.

Last edited by saagar; 04-29-2009 at 12:21 PM.
 
Old 04-06-2009, 03:09 PM   #3
lanesi
LQ Newbie
 
Registered: Apr 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Where to put the rules?

Thanks for your answer.
I did the procedure, and now I have this:

Code:
# Generated by iptables-save v1.3.5 on Mon Apr  6 13:05:33 2009
*mangle
:PREROUTING ACCEPT [12184:1352710]
:INPUT ACCEPT [12184:1352710]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [14088:2104250]
:POSTROUTING ACCEPT [14088:2104250]
COMMIT
# Completed on Mon Apr  6 13:05:33 2009
# Generated by iptables-save v1.3.5 on Mon Apr  6 13:05:33 2009
*filter
:INPUT ACCEPT [12184:1352710]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [14088:2104250]
COMMIT
# Completed on Mon Apr  6 13:05:33 2009
# Generated by iptables-save v1.3.5 on Mon Apr  6 13:05:33 2009
*nat
:PREROUTING ACCEPT [845:55500]
:POSTROUTING ACCEPT [2351:190030]
:OUTPUT ACCEPT [2351:190030]
COMMIT
# Completed on Mon Apr  6 13:05:33 2009
In which place may I put my rules?

Thank you so much.

Leandro Anesi
 
Old 04-06-2009, 03:58 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910
As saagar said above: Enter the rules interactively, and when they show in iptables -L, save them.

Alternatively, you should be able to just stick them in here:
Code:
:OUTPUT ACCEPT [2351:190030]
   < -- INSERT RULES HERE
COMMIT

Cheers,
Tink

Last edited by Tinkster; 04-06-2009 at 04:01 PM.
 
Old 04-06-2009, 07:53 PM   #5
lanesi
LQ Newbie
 
Registered: Apr 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Thanks

Thank you very much. You solved my problem.

Leandro Anesi
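
Added example, not part of any post in this thread: `iptables-restore` reported `line 1 failed` because the file in post #1 begins with a rule instead of a `*table` header, and a rule can only name a chain declared in its own section (the `:OUTPUT ACCEPT [2351:190030]` line quoted in post #4 belongs to the `*nat` section of post #3, whereas port-opening rules go in `*filter`). The sketch below lints a rules file for that structure without root; the function names, the zeroed counters and the jump from `INPUT` into `RH-Firewall-1-INPUT` are assumptions, and it checks only a simplified subset of the format.

```shell
# Added example: structural lint for an iptables-save style rules file.
# check_rules [FILE] prints "OK" or "line N: reason"; exit status 0 or 1.
check_rules() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments and blank lines
    /^\*/ {                                      # "*filter" opens a table section
        if (table != "") { print "line " NR ": *" table " not closed with COMMIT"; bad = 1; exit }
        table = substr($1, 2); split("", chains); next
    }
    table == "" { print "line " NR ": outside any *table section"; bad = 1; exit }
    /^:/ { chains[substr($1, 2)] = 1; next }     # ":INPUT ACCEPT [0:0]" declares a chain
    $1 == "COMMIT" { table = ""; next }
    $1 == "-A" || $1 == "-I" {                   # rule: its chain must be declared
        if (!($2 in chains)) { print "line " NR ": chain " $2 " not declared in *" table; bad = 1; exit }
        next
    }
    { print "line " NR ": unrecognised line"; bad = 1; exit }
    END {
        if (bad) exit 1
        if (table != "") { print "*" table " not closed with COMMIT"; exit 1 }
        print "OK"
    }' "$@"
}

# Constructed sample 1: the bare rule list from post #1 (first rule only).
broken_sample() {
cat <<'EOF'
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8767 -j ACCEPT
EOF
}

# Constructed sample 2: the same rule inside *filter, with the user-defined
# chain declared and reached from INPUT (assumed layout, zeroed counters).
fixed_sample() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8767 -j ACCEPT
COMMIT
EOF
}

broken_sample | check_rules || true   # reports the failing line
fixed_sample | check_rules            # reports OK
```

Where the installed `iptables-restore` supports `--test`, it parses the real file without committing it, which is the authoritative check before restarting the service.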
 
  



All times are GMT -5. The time now is 06:42 AM.
