iptables newbie question

TurtleBay · 10-07-2003, 11:44 AM

How do I block an IP address from accessing my server at all in iptables?

Thanks!

thesnaggle · 10-07-2003, 02:01 PM

http://www.yo-linux.com/TUTORIALS/Li...rkGateway.html

this should fix you up if you have any other questions reply and ill see if i can help

TurtleBay · 10-07-2003, 02:09 PM

Very helpful tutorial - thank you so much. That one's much clearer and easier to understand than some others I've seen.

Thanks again.

TurtleBay · 10-09-2003, 02:00 PM

How do I configure iptables to allow DNS server requests?

Not real sure what I need to enable.

My iptables are currently set to block all traffic except what I allow through...

John

thesnaggle · 10-09-2003, 02:01 PM

open port 53

TurtleBay · 10-09-2003, 02:03 PM

You're fast!

I did that...opened port 53 both tcp and udp, and the server can request DNS from external servers and that works fine. But, the server is also a DNS server (named), and when iptables is running, outside connections don't receive DNS answers.

Would it help if I posted my iptables?

John

thesnaggle · 10-09-2003, 02:05 PM

yeah let me take a look
im fast cause when i have a problem i want an anwser now not later LOL

TurtleBay · 10-09-2003, 02:22 PM

THanks so much...I'm still learning iptables, so any suggestions will be appreciated:

Quote:

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A FORWARD -j RH-Lokkit-0-50-INPUT

#this is in here to block an attempted spammer
-A RH-Lokkit-0-50-INPUT -s 194.xxx.xxx.xxx -j REJECT

-A RH-Lokkit-0-50-INPUT -p tcp -m state --state RELATED -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 10000 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 21 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT

#Email ports
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 110 --syn -j ACCEPT

#directadmin port
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 2222 --syn -j ACCEPT

#dns ports
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 53 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --sport 53 -d 0/0 -j ACCEPT

-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i eth1 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT
COMMIT

Thanks again!
John

thesnaggle · 10-09-2003, 02:31 PM

have you tried nmaping the machine to see if 53 is open from what i can see it should work

TurtleBay · 10-09-2003, 02:35 PM

Sorry, but what's nmaping?

thesnaggle · 10-09-2003, 02:37 PM

http://www.insecure.org/
you can get a ver for windows there and im guessing that you already have a copy on your linux system