LinuxQuestions.org
Old 07-09-2005, 09:07 PM   #1
gizza23
Member
 
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Rep: Reputation: 31
iptables chain modification


There's this persistent part of my INPUT chain that will not go away.
Code:
ACCEPT     all  --  anywhere             anywhere
Does anyone have any clue how to get rid of such a general rule?
 
Old 07-09-2005, 09:52 PM   #2
Sharaz
Member
 
Registered: Jun 2005
Location: Dallas, TX
Distribution: Fedora 11,12, RedHat4,6, CentOS4,5, FreeBSD7,8
Posts: 70

Rep: Reputation: 16
Is that the only rule in there? Take a look at the file /etc/sysconfig/iptables. I think you can just omit the offending line. Or, if you have no other rules, you can just:

iptables -F
or
iptables -F INPUT

and wipe them so you can start over.

Me personally, I write my own firewall scripts for my boxes, and they all begin with:

Code:
#!/bin/bash
iptables --flush
# Set Default Policy for INPUT Chain
iptables -P INPUT DROP
# Allow Related and Established Traffic
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow from Localhost, and ICMP from local LAN
iptables -A INPUT -p icmp -s 192.168.0.0/16 -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT

Last edited by Sharaz; 07-09-2005 at 09:58 PM.
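
Added example (not from either poster): plain `iptables -L` hides the interface columns, so a loopback rule like the `-i lo -j ACCEPT` line in the script above prints exactly like an unconditional accept. The sketch below reads rules in `iptables -S` format and separates the two cases; the function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/bash
# Classify ACCEPT rules of the INPUT chain given in `iptables -S` format.
# Prints "<position> <verdict> <rule>" per ACCEPT rule:
#   OPEN   - no match criteria at all, accepts every packet
#   SCOPED - limited by interface, source, protocol, state, ...
# Limitation: a rule whose only match is "-m comment" is reported as SCOPED.
classify_accepts() {
    awk '
        $1 == "-A" && $2 == "INPUT" {
            pos++    # same numbering as: iptables -L INPUT --line-numbers
            if ($NF != "ACCEPT" || $(NF-1) != "-j") next
            # Exactly "-A INPUT -j ACCEPT" is 4 fields: nothing restricts it.
            verdict = (NF == 4) ? "OPEN" : "SCOPED"
            print pos, verdict, $0
        }'
}

# Positions of the unconditional ACCEPT rules only.
open_positions() {
    classify_accepts | awk '$2 == "OPEN" { print $1 }'
}

# Constructed sample ruleset (not taken from the thread).
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.0.0/16 -p icmp -j ACCEPT
-A INPUT -j ACCEPT
-A INPUT -i lo -j ACCEPT
EOF
}

sample_rules | classify_accepts
# On a live host (as root):   iptables -S INPUT | classify_accepts
# Remove a confirmed OPEN rule by its position: iptables -D INPUT <pos>
```

`iptables -L INPUT -v -n --line-numbers` shows the same distinction by hand: the loopback rule has `lo` in the `in` column, while a truly open rule shows `*`.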
 
Old 07-10-2005, 05:45 AM   #3
gizza23
Member
 
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Original Poster
Rep: Reputation: 31

Thanks for the help! I did end up deleting that particular line from the INPUT chain (it was the third). There is one thing that I found interesting about your iptables shell. It allows pings from within your network. I'll want to use that later on. So thanks + 1!
 
  

