Old 07-09-2005, 10:07 PM   #1
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Rep: Reputation: 31
iptables chain modification

There's this persistent part of my INPUT chain that will not go away.
ACCEPT     all  --  anywhere             anywhere
Does anyone have any clue how to get rid of such a general rule?
Old 07-09-2005, 10:52 PM   #2
Registered: Jun 2005
Location: Dallas, TX
Distribution: Fedora 11,12, RedHat4,6, CentOS4,5, FreeBSD7,8
Posts: 70

Rep: Reputation: 16
is that the only rule in there? take a look at the file /etc/sysconfig/iptables. i think you can just omit the offending line. or, if you have no other rules, you can just:

iptables -F
iptables -F INPUT

and wipe them so you can start over.

me personally, i write my own firewall scripts for my boxes, and they all begin with:

iptables --flush
# Set Default Policy for INPUT Chain
iptables -P INPUT DROP
# Allow Related and Established Traffic
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow from Localhost, and ICMP from local LAN
iptables -A INPUT -p icmp -s -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT

Last edited by Sharaz; 07-09-2005 at 10:58 PM.
Old 07-10-2005, 06:45 AM   #3
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Original Poster
Rep: Reputation: 31

Thanks for the help! I did end up deleting that particular line from the INPUT chain (it was the third). There is one thing that I found interesting about your iptables shell. It allows pings from within your network. I'll want to use that later on. So thanks + 1!
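
Added example, not part of any post in this thread: plain `iptables -L` omits the interface column, so a loopback rule such as the `-i lo` line in the script above prints as the same `ACCEPT all -- anywhere anywhere` as a truly unconditional rule. This sketch reads `iptables -S INPUT` style output and reports which numbered rules fall in each class before anything is deleted; the sample rules and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `iptables -S INPUT` style lines on stdin and prints
# "<rule number> <class>" for ACCEPT rules that plain `iptables -L` renders
# as "ACCEPT all -- anywhere anywhere".
classify_accepts() {
    n=0
    while IFS= read -r line; do
        case "$line" in
            "-A INPUT "*) n=$((n + 1)) ;;   # only -A lines carry rule numbers
            *) continue ;;                  # skip the -P policy line
        esac
        case "$line" in
            *" -j ACCEPT") ;;
            *) continue ;;                  # not an ACCEPT rule
        esac
        rest=${line#-A INPUT}               # drop the chain prefix
        rest=${rest% -j ACCEPT}             # drop the target; matches remain
        case "$rest" in
            "") echo "$n unconditional" ;;
            " -i "*)
                iface=${rest# -i }
                case "$iface" in
                    *" "*) ;;               # more matches follow; not interface-only
                    *) echo "$n interface-only:$iface" ;;
                esac ;;
        esac
    done
}

# Constructed sample in `iptables -S INPUT` format (not taken from the thread).
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

sample_rules | classify_accepts
# On a live host (as root): iptables -S INPUT | classify_accepts
# then remove only the unconditional rule by number: iptables -D INPUT <n>
```

Rule numbers shift after each deletion, so list the chain again before deleting a second rule.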

