LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 01-27-2003, 03:24 PM   #1
estranged0877
Member
 
Registered: Jan 2003
Posts: 52

Rep: Reputation: 15
stateful packet inspection


I am using IPTABLES and Masquerading. I am using my linux box like a router. This issue is just annoying opposed to critical.

This is my IPTABLE:

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpts:1024:4999
ACCEPT tcp -- anywhere anywhere tcp dpts:5001:65353
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:3389

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

The thing I notice is that many web pages work, but some never resolve. Am I correct in understanding that this is because of Stateful Packet Inspection?

If so what do I need to add? If not, what can I do to get pages to work??
 
Old 01-28-2003, 06:05 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,518
Blog Entries: 51

Rep: Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598
Couldya tell us what you mean by "never resolve": show us some error messages. Resolving is something a DNS will do, has nothing to do wrt browsing. Also your ruleset seems a bit shallow to me, if you do "iptables -L" I'm sure we can add on some, or if you want to DIY, head over to linuxguruz.org for some good examples.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
brctl won't allow statefull inspection logo Linux - Networking 0 05-28-2005 11:23 AM
Is iptables/netfilter stateful inspection firewall ? newbieA Linux - Security 3 02-11-2005 08:32 PM
Stateful Packet Inspection Firewall (How could I tell)?? wardialer Linux - Security 9 02-10-2005 09:11 PM
Firewall with deep inspection Baltasar Linux - Networking 3 02-22-2004 09:07 PM
IPTables Stateful Command ryanstrayer Linux - Security 1 02-13-2002 10:44 AM


All times are GMT -5. The time now is 11:11 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration