LinuxQuestions.org
Old 03-29-2007, 02:10 PM   #1
zach8202
LQ Newbie
 
Registered: Mar 2007
Posts: 3

Rep: Reputation: 0
iptables and Firefox problem


So here's my problem. I want to use iptables. Firefox changes ports each time it opens. I want to block all ports and specify which ones to open. Does anyone know how to set it up so Firefox can use whichever ports it wants?
Thanks, Zach
 
Old 03-29-2007, 03:14 PM   #2
cgjones
Member
 
Registered: Nov 2005
Location: Central New York
Distribution: Ubuntu
Posts: 405

Rep: Reputation: 31
I'm pretty sure that you will need to use connection tracking.
 
Old 03-30-2007, 02:44 AM   #3
SiegeX
Member
 
Registered: Jul 2004
Location: Silicon Valley, CA
Distribution: Slackware
Posts: 171

Rep: Reputation: 38
cgjones is correct. The beauty of iptables over its predecessor ipchains is the notion of stateful packet inspection (SPI). Even though your Firefox is changing its source ports dynamically, SPI will make your firewall track each outgoing connection and allow in the return packets without having to specify the exact port to allow. It is done with the following rules:

iptables -P INPUT DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


The first rule sets the default INPUT policy to DROP and the second rule is the SPI rule I mentioned earlier. With just these two rules, your computer will not allow in any *unsolicited* inbound traffic. It will however allow in any traffic that you (or a computer behind your firewall) initiated.
 
Old 04-02-2007, 11:49 AM   #4
zach8202
LQ Newbie
 
Registered: Mar 2007
Posts: 3

Original Poster
Rep: Reputation: 0
one more question

Hi, thank you for that command. I very much appreciate it. I have one more question. As far as output goes, can you do a similar command? I tried the same one swapping input and output but it didn't work. Thanks again for your previous post!
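How the state match from post #3 behaves, as an added example that is not part of the original thread: a simplified Python model of connection tracking (not netfilter's implementation; RELATED is not modelled, and the address and ports are constructed). It goes one step beyond the posted rules to cover the OUTPUT case asked about in post #4, assuming the OUTPUT chain drops by default: if OUTPUT accepts only ESTABLISHED packets, the first packet of every connection is NEW and is dropped, so no connection is ever tracked.

```python
# Simplified model of the stateful rule discussed in this thread (not netfilter's code).
# Assumptions: flows are keyed by (local port, remote address, remote port);
# RELATED traffic (e.g. ICMP errors) is not modelled.

class Firewall:
    def __init__(self, output_accepts):
        self.output_accepts = set(output_accepts)  # states the OUTPUT chain accepts
        self.conntrack = set()                     # tracked flows, seen from the local side

    def _state(self, key):
        return "ESTABLISHED" if key in self.conntrack else "NEW"

    def send(self, sport, dst, dport):
        """Outgoing packet local:sport -> dst:dport. Returns the verdict."""
        key = (sport, dst, dport)
        if self._state(key) not in self.output_accepts:
            return "DROP"          # a dropped packet never creates a tracked flow
        self.conntrack.add(key)
        return "ACCEPT"

    def receive(self, src, sport, dport):
        """Incoming packet src:sport -> local:dport.
        INPUT policy is DROP; the only rule accepts ESTABLISHED."""
        key = (dport, src, sport)  # the same flow as seen from the local side
        return "ACCEPT" if self._state(key) == "ESTABLISHED" else "DROP"


def demo():
    web = "203.0.113.10"           # constructed documentation address
    results = {}

    # INPUT rules from the thread, OUTPUT left open (NEW and ESTABLISHED accepted).
    fw = Firewall(output_accepts={"NEW", "ESTABLISHED"})
    for sport in (41872, 53310):   # constructed ephemeral ports, one per browser connection
        fw.send(sport, web, 443)
        results[f"reply to {sport}"] = fw.receive(web, 443, sport)
    results["unsolicited"] = fw.receive(web, 443, 60000)

    # The same state rule copied to OUTPUT, with nothing accepting NEW.
    strict = Firewall(output_accepts={"ESTABLISHED"})
    results["first packet out"] = strict.send(41872, web, 443)
    results["reply after dropped send"] = strict.receive(web, 443, 41872)
    return results


if __name__ == "__main__":
    for what, verdict in demo().items():
        print(f"{what:26} {verdict}")
```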
 
  

