Hi all

I am setting my firewall rules using the command iptables.
My question is i wanna know what command i can use that list rule 2 and 3 for instance in my table?

i am using Netfilter firewall

another question is :

I created my own chain (iptables -N MY_CHAIN)
then i used the command
#iptables -A INPUT -p icmp -j MY_CHAIN

which refering all incomming traffic on that protocol to my created chain

then i added a new rule to that chain

when i deleted the rule that ive just created it worked using the command
#iptables -D MY_CHAIN 1

then when i tried to delete the new chain i couldnt using this command
#iptables -X MY_CHAIN

i read through the internet and i guess the reason is that this created chain has referenced as a target by the input chain so that i cant delete it

my question is : what if i need to force the deleting?
is there any command to do that? I dont want to use -F option to flush out the table, i just wanna to delete this created chain


Thanks

also 1 challenging question

if i have this scenario:
i want to create rule that: The host is administered using SSH, scp and sftp so allow incoming SSH traffic and securing remote file copying and transferring

what is best input output chain rules i can use?

thanks

For example you can use "sed" command:
There is 3 lines offset because first 3 listed rules are policies. You can check manually how many lines to skip or write more advanced sed expression.


Obviously - delete or change rules which have this chain as their target. How firewall would be known what to do with packet, if it will has inexistent target?


It depends on needs. For example, if you only access this server from known IPs/MACs you can restrict access to it. Or you are not bother about using port knock (nice security tool). There are tool for automatically add DROP for certain IPs rules when they discover port scanning or few failed ssh logins.

1 members found this post helpful.

thank u so much

thant solved my prob and answerd my question

regards