Old 11-03-2003, 01:52 PM   #1
LQ Newbie
Registered: Oct 2003
Posts: 13

Rep: Reputation: 0
Question my rules


These are rules given to the kernel by the iptables tool, but I would like to convert them into command lines, each of them, like for instance:

iptables -A INPUT -s -p tcp -j DROP
Can you help me figure them out?

iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
REJECT tcp -- anywhere anywhere tcp dpts:!tcpmux:1024 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpts:tcpmux:1024
ACCEPT tcp -- anywhere anywhere tcp spts:tcpmux:1024
ACCEPT tcp -- anywhere
ACCEPT tcp -- anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Old 11-03-2003, 02:18 PM   #2
Registered: Dec 2002
Location: Currently: Normal, IL @ ISU -- Typically: South of Chicago
Distribution: Currently: RH 9 && Slackware 9.1 =)
Posts: 50

Rep: Reputation: 15
You want them to load as like single commands when the box boots up? Well that's not too bad. Here is a quick way of doing it.

First edit your /etc/rc.d/rc.local file and put a line in there like "/root/iptables_script" or something (whatever you want to call the file that'll hold the commands and the path to that file).

Then go to that path (like in my example it's /root/iptables_script) and create a new file "vi iptables_script" or any other editor of your choice.

You'll first need to flush the rules out (sorry I'm at school and I don't fully remember the full syntax but this should get ya started) like:
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
From here you can then put your own rules and such. After you are done save the file and exit the editor.

Use "chmod" to change the permissions to "700" (for read, write, exec)
chmod 700 /root/iptables_script
Okay now just reload the rc.local file by doing
There ya should now be able to do "iptables --list" and see all the rules you applied. If you don't want this to run at start up you can just simply take the "/root/iptables_script" line out of the rc.local. Doing this would mean you'd have to invoke your own exec of the file to change the rules. (You may want to write many different files and depending on what type of internet traffic you'll be using you can run that script and then have it after so long rerun the other script).
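
The conversion the first post asks for, as an added example that is not part of either post: it reads `iptables -L` text and prints commands that could go into the script described in the reply. The function name `listing_to_commands` and the sample input are constructed here from the listing in the thread.

```shell
#!/bin/sh
# Added example: convert `iptables -L` text on stdin into iptables commands.
# Covers only the fields seen in this thread. Plain -L output omits interfaces,
# so review the result; port names such as tcpmux are copied as listed.
listing_to_commands() {
    awk '
    $1 == "Chain" {                          # "Chain INPUT (policy ACCEPT)"
        chain = $2
        print "iptables -F " chain           # flush first, as the reply suggests
        if ($3 == "(policy") { p = $4; sub(/\)$/, "", p); print "iptables -P " chain " " p }
        next
    }
    NF == 0 || $1 == "target" { next }       # blank lines and column headers
    NF < 5 { print "# incomplete, not converted: " $0; next }   # never guess
    {
        cmd = "iptables -A " chain; tail = ""; note = ""
        if ($2 != "all")      cmd = cmd " -p " $2
        if ($4 != "anywhere") cmd = cmd " -s " $4
        if ($5 != "anywhere") cmd = cmd " -d " $5
        for (i = 6; i <= NF; i++) {
            if ($i ~ /^[sd]pts?:/) {         # spt(s):/dpt(s):, leading "!" negates
                opt = ($i ~ /^s/) ? "--sport" : "--dport"
                val = $i; sub(/^[sd]pts?:/, "", val)
                if (sub(/^!/, "", val)) opt = "! " opt
                cmd = cmd " " opt " " val
            } else if ($i ~ /^flags:/) {     # flags:MASK/COMPARE
                val = $i; sub(/^flags:/, "", val); sub(/\//, " ", val)
                cmd = cmd " --tcp-flags " val
            } else if ($i == "reject-with") {
                i++; tail = " --reject-with " $i
            } else if ($i != $2) {           # the repeated protocol word is expected
                note = note " " $i
            }
        }
        if (note != "") print "# unhandled listing text:" note
        print cmd " -j " $1 tail
    }'
}

# Constructed sample: lines taken from the listing in the first post.
SAMPLE='Chain INPUT (policy ACCEPT)
target prot opt source destination
REJECT tcp -- anywhere anywhere tcp dpts:!tcpmux:1024 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
ACCEPT tcp -- anywhere anywhere tcp spts:tcpmux:1024
ACCEPT tcp -- anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable'
printf "%s\n" "$SAMPLE" | listing_to_commands
```

On a box where the rules are still loaded, `iptables-save` prints them in a form that `iptables-restore` reads back, without the loss noted in the comments.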


