08-01-2003, 06:41 PM
|
#1
|
Member
Registered: Aug 2003
Location: Sweden
Posts: 83
Rep:
|
iptables DEFAULT POLICY
What should I think about if I set all my POLICIES to DROP?
Last time I had drop on all of them I couldn't browse on the net,
|
|
|
08-02-2003, 06:41 AM
|
#2
|
Senior Member
Registered: Jul 2003
Location: Indiana
Distribution: Mandrake Slackware-current QNX4.25
Posts: 1,802
Rep:
|
You most definitely will not be able to browse the net if your default policies are set to DROP.
There is a prebuilt firewall for about any need right here. Just browse through them till you see one that fits your needs.
|
|
|
08-02-2003, 06:43 AM
|
#3
|
Senior Member
Registered: Dec 2002
Location: England
Distribution: Used to use Mandrake/Mandriva
Posts: 2,794
Rep:
|
Try a GUI firewall configurer like Guarddog or Firestarter to tweak it to your needs.
|
|
|
08-02-2003, 10:05 PM
|
#4
|
Member
Registered: Aug 2003
Location: Sweden
Posts: 83
Original Poster
Rep:
|
Not really fond of GUIs and autoconf tools, but I'll check out that netfilter site and see if I find a quick example of what I'm looking for...
Don't think I want to use a prebuilt script; was kinda looking forward to writing my own.
Btw, if I set all my policies to DROP, shouldn't I be able to allow browsing? Something like this (except this doesn't work):
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# (know port 80 is for internal webserver, couldn't I change the
# port to ??? so browsing is allowed
# eth0 = external iface
# eth1 = internal iface (192.168.0.0/24)
iptables -A OUTPUT -i eth0 -p TCP --sport 80 -j ACCEPT
iptables -A FORWARD -i eth1 -p TCP --sport 80 -j ACCEPT
Btw, thanks for the site.
|
|
|
02-22-2011, 03:23 PM
|
#5
|
LQ Newbie
Registered: Feb 2011
Posts: 2
Rep:
|
Try
iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport 80 -m state --state ESTABLISHED,RELATED
Last edited by Apostle1911; 02-22-2011 at 03:26 PM.
|
|
|
02-22-2011, 03:56 PM
|
#6
|
Member
Registered: Feb 2006
Location: Norway
Distribution: Slackware Linux 13.37
Posts: 71
Rep:
|
HTTPS normally uses port 443; you might want to allow that if you plan to use your online bank or something similar.
|
|
|
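A default-DROP gateway ruleset that still allows browsing, as an added example that is not code from any poster in this thread. It reuses eth0, eth1 and 192.168.0.0/24 from post #4 and ports 80 and 443 from the posts above; the DNS rules, the NAT rule and the `IPT` dry-run variable are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not from the thread. eth0/eth1 and 192.168.0.0/24 are taken
# from post #4; everything else is an assumption of this sketch.
# Dry run by default (prints the commands). To apply: IPT=iptables, as root,
# from the console: there is no inbound SSH rule, so a remote session is cut.
IPT="${IPT:-echo iptables}"
EXT_IF="eth0"          # external interface
INT_IF="eth1"          # internal interface
LAN="192.168.0.0/24"   # internal network
WEB_PORTS="80,443"     # HTTP and HTTPS

build_firewall() {
    # Start from empty chains, then drop anything not accepted below.
    $IPT -F
    $IPT -t nat -F
    $IPT -P INPUT DROP
    $IPT -P OUTPUT DROP
    $IPT -P FORWARD DROP

    # Loopback, needed by local services.
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A OUTPUT -o lo -j ACCEPT

    # Return traffic of connections that a NEW rule below let through.
    # (-m state matches the thread; newer iptables spell it -m conntrack --ctstate.)
    for chain in INPUT OUTPUT FORWARD; do
        $IPT -A "$chain" -m state --state ESTABLISHED,RELATED -j ACCEPT
    done

    # Browsing from the gateway itself. OUTPUT only has an outgoing interface
    # (-o, not -i), and a client connects TO port 80/443, so match --dport.
    $IPT -A OUTPUT -o "$EXT_IF" -p udp --dport 53 -m state --state NEW -j ACCEPT
    $IPT -A OUTPUT -o "$EXT_IF" -p tcp --dport 53 -m state --state NEW -j ACCEPT
    $IPT -A OUTPUT -o "$EXT_IF" -p tcp -m multiport --dports "$WEB_PORTS" \
         -m state --state NEW -j ACCEPT

    # Browsing from LAN clients: only new connections from inside to outside.
    $IPT -A FORWARD -i "$INT_IF" -o "$EXT_IF" -s "$LAN" -p udp --dport 53 \
         -m state --state NEW -j ACCEPT
    $IPT -A FORWARD -i "$INT_IF" -o "$EXT_IF" -s "$LAN" -p tcp \
         -m multiport --dports "$WEB_PORTS" -m state --state NEW -j ACCEPT

    # Private LAN addresses need NAT on the way out; forwarding must also be
    # enabled in the kernel (net.ipv4.ip_forward=1), which is not done here.
    $IPT -t nat -A POSTROUTING -o "$EXT_IF" -s "$LAN" -j MASQUERADE
}

build_firewall
```

With all three policies on DROP, every direction of a connection needs its own ACCEPT, which is why the ESTABLISHED,RELATED rules sit in INPUT, OUTPUT and FORWARD alike.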
02-22-2011, 05:36 PM
|
#7
|
LQ Veteran
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
|
You do realize this thread is almost 8 years old, don't you?
|
|
|
02-23-2011, 12:10 AM
|
#8
|
LQ Newbie
Registered: Feb 2011
Posts: 2
Rep:
|
Lol yeah, but that doesn't make this information any less relevant. Of course, there are better things out there than Linux iptables now, but people still use them.
|
|
|
02-23-2011, 04:55 AM
|
#9
|
Member
Registered: Feb 2006
Location: Norway
Distribution: Slackware Linux 13.37
Posts: 71
Rep:
|
Oooops! It's not my fault I didn't look at the dates
|
|
|
All times are GMT -5. The time now is 09:13 AM.