Old 07-14-2004, 05:27 PM   #1
LQ Newbie
Registered: Jul 2004
Posts: 2

Rep: Reputation: 0
strange x server problem with my iptables def.

Hello pals!
Here is my strange problem....
I've recently configured my Fedora 2 box to work as a gateway to my "treacherous" father's Windows XP box. Now I have a really messy thing happening. When I try to "startx" the X server, with the iptables definition script I've made activated, it crashes, doesn't enter, and, if I deactivate the script, it runs normally, without problems. Please can anyone say what is wrong with it? Here it is (I use eth0 for accessing the internet and eth1 for the LAN):


iptables -X
iptables -F
iptables -t nat -F
iptables -P INPUT ACCEPT

iptables -A INPUT -j LOG -s -i eth1
iptables -A INPUT -j LOG -s localhost/8 -i lo
iptables -A INPUT -j DROP -s -i eth1
iptables -A INPUT -j DROP -s localhost/8 -i lo

iptables -A INPUT -j ACCEPT -i eth1
iptables -A INPUT -j ACCEPT -i lo

iptables -A INPUT -j ACCEPT -p tcp --dport 22

iptables -A INPUT -j ACCEPT -p tcp --dport 6000

iptables -A INPUT -j ACCEPT -p tcp --dport 1024: ! --syn

iptables -A INPUT -j ACCEPT -p udp -s --sport 53 --dport 1024:
iptables -A INPUT -j ACCEPT -p udp -s --sport 53 --dport 1024:

iptables -A INPUT -j ACCEPT -p icmp --icmp-type 0
iptables -A INPUT -j ACCEPT -p icmp --icmp-type 3

iptables -A INPUT -j LOG
iptables -A INPUT -j DROP

iptables -t nat -A POSTROUTING -j MASQUERADE -s -d !
Old 07-15-2004, 09:26 AM   #2
Registered: Dec 2003
Location: Northern VA
Posts: 493

Rep: Reputation: 30
Very messy. One of the first problems is your INPUT -j DROP should be the first thing, that way you close everything down, then you open the things you want to open.

Here's what my iptables looked like a while ago. It has the NATing and the Masquerading and whatever else you'll need.
Old 07-15-2004, 10:27 AM   #3
Senior Member
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 50
iptables -A INPUT -j ACCEPT -p tcp --dport 6000
You may not need this rule. For other INPUT rules consider using -i.
Old 07-15-2004, 02:31 PM   #4
LQ Newbie
Registered: Jul 2004
Posts: 2

Original Poster
Rep: Reputation: 0
Thank you guys... But I've solved my problem with firestarter.... nice graphic firewall configuring util. Maybe I'm just too lazy to use brute text modes.
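
Added example, not part of the thread and not any poster's script: one way to lay out the default-deny approach suggested in reply #2 together with the -i interface matching suggested in reply #3. LAN_NET is a constructed placeholder, and the -o match on the MASQUERADE rule and the use of connection tracking are assumptions; by default the script only prints the commands it would run.

```shell
#!/bin/sh
# Added example (not from the thread): default-deny INPUT chain for the
# gateway described above. eth0 = internet and eth1 = LAN come from the
# original post; LAN_NET is a constructed placeholder, and the -o match on
# the MASQUERADE rule is an assumption (the original addresses are missing).
IPT="${IPT:-echo iptables}"        # dry run by default; IPT=iptables applies (root)
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
LAN_NET="${LAN_NET:-192.0.2.0/24}" # placeholder LAN range

build_firewall() {
    # Start clean: flush rules first, then delete the now-empty user chains.
    $IPT -F
    $IPT -X
    $IPT -t nat -F

    # Close everything by policy, then open only what is needed.
    $IPT -P INPUT DROP

    # Loopback is accepted before any DROP rule: iptables stops at the first
    # terminating match, so a DROP on lo placed earlier would win.
    $IPT -A INPUT -i lo -j ACCEPT

    # Anti-spoofing belongs on the internet-facing interface only.
    $IPT -A INPUT -i "$WAN_IF" -s "$LAN_NET" -j DROP
    $IPT -A INPUT -i "$WAN_IF" -s 127.0.0.0/8 -j DROP

    # Trust the LAN side; allow replies to connections the gateway opened.
    # Connection tracking stands in for the "--dport 1024: ! --syn", DNS
    # reply and ICMP type 0/3 rules of the original script.
    $IPT -A INPUT -i "$LAN_IF" -j ACCEPT
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Only SSH is offered to the outside; no rule for X11 on tcp/6000.
    $IPT -A INPUT -p tcp --dport 22 -j ACCEPT

    # Log whatever is about to fall through to the DROP policy.
    $IPT -A INPUT -j LOG

    # NAT for the LAN leaving through the internet interface.
    $IPT -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_NET" -j MASQUERADE
}

build_firewall
```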

