LinuxQuestions.org
Old 11-18-2006, 03:07 AM   #1
winxandlinx
Member
 
Registered: May 2006
Posts: 141

Rep: Reputation: 15
Adding the rule in iptables ?


Hi Everyone

I am new to Linux and iptables.

First, I am practicing iptables on Fedora Core 6.

I have only one local IP on the iptables machine.

My IP is 192.168.1.12 (where iptables is running).

Now I want to add this rule to iptables:

"iptables -A INPUT -s 0/0 -i eth0 -d 192.168.1.12 - p
TCP -j DROP

I tried going to the path vi /etc/sysconfig/iptables

and I added that, but it is saying error.

And also when I run that command normally, it's not working.

What should I add or run to get this updated?

And where can I see the status that my rule got updated in iptables?

Please clarify my doubts on iptables.

I like to learn iptables.

Helping with this issue will be greatly appreciated.

Thanks & Regards
winxandlinx
 
Old 11-18-2006, 05:31 AM   #2
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by winxandlinx
"iptables -A INPUT -s 0/0 -i eth0 -d 192.168.1.12 - p
TCP -j DROP
Code:
iptables -A INPUT -s 0/0 -i eth0 -d 192.168.1.12 -p TCP -j DROP
Copy ^^^ & run it. (maybe your rule had some problems with spaces)


Quote:
Originally Posted by winxandlinx
i tryed go to the path of vi /etc/sysconfig/iptables
About the default Red Hat firewall script, there are two things:
first, they pipe all the input from INPUT to another new chain, and second, you are not supposed to use the above format. Follow the format mentioned in that file itself.


About learning iptables;
follow this....
Iptables Tutorial 1.1.19
Oskar Andreasson
http://www.linuxsecurity.com/resourc...-tutorial.html
 
Old 11-20-2006, 12:03 AM   #3
winxandlinx
Member
 
Registered: May 2006
Posts: 141

Original Poster
Rep: Reputation: 15
No, nothing is happening

when I run this.

Tell me where I can check whether that command has got updated or not.
 
Old 11-20-2006, 07:00 AM   #4
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by winxandlinx
No, nothing is happening

when I run this.

Tell me where I can check whether that command has got updated or not.
Code:
iptables -vnL
will confirm the same for you in tabular form.
 
Old 11-20-2006, 11:12 PM   #5
winxandlinx
Member
 
Registered: May 2006
Posts: 141

Original Poster
Rep: Reputation: 15
Hi Amit

Thanks for the reply

I ran this command: iptables -vnL


Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target               prot opt in  out source      destination
 3177 4703K RH-Firewall-1-INPUT  all  --  *   *   0.0.0.0/0   0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target               prot opt in  out source      destination
    0     0 RH-Firewall-1-INPUT  all  --  *   *   0.0.0.0/0   0.0.0.0/0

Chain OUTPUT (policy ACCEPT 1657 packets, 4514K bytes)
 pkts bytes target               prot opt in  out source      destination

Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target               prot opt in  out source      destination
 1589 4506K ACCEPT               all  --  lo  *   0.0.0.0/0   0.0.0.0/0
    0     0 ACCEPT               icmp --  *   *   0.0.0.0/0   0.0.0.0/0   icmp type 255
    0     0 ACCEPT               esp  --  *   *   0.0.0.0/0   0.0.0.0/0
    0     0 ACCEPT               ah   --  *   *   0.0.0.0/0   0.0.0.0/0
   39  4362 ACCEPT               udp  --  *   *   0.0.0.0/0   224.0.0.251 udp dpt:5353
    0     0 ACCEPT               udp  --  *   *   0.0.0.0/0   0.0.0.0/0   udp dpt:631
    0     0 ACCEPT               tcp  --  *   *   0.0.0.0/0   0.0.0.0/0   tcp dpt:631
   38  3925 ACCEPT               all  --  *   *   0.0.0.0/0   0.0.0.0/0   state RELATED,ESTABLISHED
    1    48 ACCEPT               tcp  --  *   *   0.0.0.0/0   0.0.0.0/0   state NEW tcp dpt:22
 1510  189K REJECT               all  --  *   *   0.0.0.0/0   0.0.0.0/0   reject-with icmp-host-prohibited

Thanks & Regards
Winxandlinx
 
Old 11-20-2006, 11:27 PM   #6
winxandlinx
Member
 
Registered: May 2006
Posts: 141

Original Poster
Rep: Reputation: 15
This is the second time,

so I am running it again:

iptables -A INPUT -s 0/0 -i eth0 -d 192.168.1.12 -p TCP -j DROP

After running this,

again iptables -vnL

The output is:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target               prot opt in  out source      destination
  735 79454 RH-Firewall-1-INPUT  all  --  *   *   0.0.0.0/0   0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target               prot opt in  out source      destination
    0     0 RH-Firewall-1-INPUT  all  --  *   *   0.0.0.0/0   0.0.0.0/0

Chain OUTPUT (policy ACCEPT 63 packets, 7295 bytes)
 pkts bytes target               prot opt in  out source      destination

Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target               prot opt in  out source      destination
    0     0 ACCEPT               all  --  lo  *   0.0.0.0/0   0.0.0.0/0
    0     0 ACCEPT               icmp --  *   *   0.0.0.0/0   0.0.0.0/0   icmp type 255
    0     0 ACCEPT               esp  --  *   *   0.0.0.0/0   0.0.0.0/0
    0     0 ACCEPT               ah   --  *   *   0.0.0.0/0   0.0.0.0/0
    0     0 ACCEPT               udp  --  *   *   0.0.0.0/0   224.0.0.251 udp dpt:5353
    0     0 ACCEPT               udp  --  *   *   0.0.0.0/0   0.0.0.0/0   udp dpt:631
    0     0 ACCEPT               tcp  --  *   *   0.0.0.0/0   0.0.0.0/0   tcp dpt:631
   65  5058 ACCEPT               all  --  *   *   0.0.0.0/0   0.0.0.0/0   state RELATED,ESTABLISHED
    1    48 ACCEPT               tcp  --  *   *   0.0.0.0/0   0.0.0.0/0   state NEW tcp dpt:22
  669 74348 REJECT               all  --  *   *   0.0.0.0/0   0.0.0.0/0   reject-with icmp-host-prohibited

Please check and try to solve this problem.

Very eager to work with iptables.

Last edited by winxandlinx; 11-21-2006 at 03:11 AM.
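
An added example, not part of any post in this thread: on the layout listed above, INPUT hands every packet to RH-Firewall-1-INPUT, whose last rule is an unconditional REJECT, so a rule appended to INPUT with -A would sit where no packet can reach it. The sketch below checks for that in any chain of a ruleset in iptables-save format; the sample ruleset is constructed from the listing, and the function names shadowed_rules and catchall_position are hypothetical.

```shell
# Constructed ruleset in iptables-save format, modelled on the listing in this
# thread with the poster's DROP rule appended to INPUT (not captured output).
RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -d 192.168.1.12 -i eth0 -p tcp -j DROP
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# shadowed_rules CHAIN: print the rules in CHAIN that sit after an
# unconditional jump into a user chain which has an unconditional
# ACCEPT/DROP/REJECT and no RETURN. No packet can ever reach those rules.
shadowed_rules() {
    awk -v chain="$1" '
        $1 != "-A" { next }
        # "-A X -j TARGET ..." has no match criteria: it applies to every packet
        $3 == "-j" && $4 ~ /^(ACCEPT|DROP|REJECT)$/ { terminal[$2] = 1 }
        {
            for (f = 3; f < NF; f++)
                if ($f == "-j" && $(f + 1) == "RETURN") returns[$2] = 1
            n++; owner[n] = $2; uncond[n] = ($3 == "-j"); tgt[n] = $4; rule[n] = $0
        }
        END {
            for (i = 1; i <= n; i++) {
                if (owner[i] != chain) continue
                if (dead) print rule[i]
                else if (uncond[i] && terminal[tgt[i]] && !returns[tgt[i]]) dead = 1
            }
        }'
}

# catchall_position CHAIN: 1-based number of the first unconditional terminal
# rule in CHAIN; "iptables -I CHAIN <n> ..." places a new rule just before it.
catchall_position() {
    awk -v chain="$1" '
        $1 == "-A" && $2 == chain {
            n++
            if ($3 == "-j" && $4 ~ /^(ACCEPT|DROP|REJECT)$/) { print n; exit }
        }'
}

printf '%s\n' "$RULES" | shadowed_rules INPUT
```

On a live system the same input comes from running iptables-save as root and piping its output into either function.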
 
  

