Iptables don't load / show on FC3

bLaDe · 12-03-2004, 03:41 AM

Hi Guys,
I have a strange and weird problem at the moment which I can't work out for the life of me.

I recently decided to jump back into my iptables and clean them up a bit.

Anyway upon getting them to almost a point where I like them I did the standard iptables-save which seems to have worked and generated the following here in my /etc/sysconfig/iptables as expected.

When I do a service iptables restart and then iptables -L I now get everything blank as shown
here

I can't workout whether I'm doing anything wrong, from what I've read thus far it all looks OK unless of course I'm missing something completely obvious.

Any help would be great.

Which reminds me should you think I could have done something better in my tables by all means tell me as I'm eager to learn from my mistakes.

Thanks
Cheers
Darren

Butt-Ugly · 12-03-2004, 06:46 AM

Darren,

What you are seeing is correct. Your iptables -L command is only displaying the 'filter' table.

If you look at your iptables-save, there is nothing in the 'filter' table - so your second screenshot is correct.

What do you get from (paste as one whole command)?: iptables -t filter -nvL ; iptables -t nat -nvL ; iptables -t mangle -nvL

BU.

bLaDe · 12-03-2004, 04:01 PM

Believe it or not that would actually make sense which would explain why everything was blank in webmin until I changed to nat or mangle.

Quote:

What do you get from (paste as one whole command)?: iptables -t filter -nvL ; iptables -t nat -nvL ; iptables -t mangle -nvL

Located here is what I got, that makes a little bit of sense although it's been a while since I've done any in depth reading for iptables.

Is there anything I can add to my tables to make it more secure or is there any need to log any of the information above?

Thanks for your help.

The more I think about it the more sense it makes.

Cheers
Darren

Butt-Ugly · 12-03-2004, 05:37 PM

I am currently drafting a Linux HOWTO for Home Servers - see my profile for website.

I'll be starting on the firewall concepts shortly, but there is already a simple iptables script available if you wish to test it.

Obviously the document is in draft, but hopefully will provide you some early pointers.

BU.

bLaDe · 12-04-2004, 07:06 AM

Well what can I say I've just started reading what you've put together and it's brilliant from my point of view, it's basic and straight to the point.

I really look forward to this progressing, keep up the great work!

Cheers
Darren

maxut · 12-04-2004, 09:03 AM

@bLaDe
actually u dont have any filter.
u can generate a simple and enough secure iptables script from www.iptables-script.dk

@Butt-Ugly
keep up good work