LinuxQuestions.org
Old 01-06-2005, 04:58 AM   #1
picox
LQ Newbie
 
Registered: Dec 2004
Posts: 5

iptables not working with me


Hello,
I'm trying to block an IP through iptables. I used the following:
Code:
iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP
But when I go to iptables-save I don't see the above rule!
I just see:

Code:
# Generated by iptables-save v1.2.8 on Thu Jan  6 05:57:38 2005
*mangle
:PREROUTING ACCEPT [3651966:2382433568]
:INPUT ACCEPT [2472348:2171093958]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2627433:2884125516]
:POSTROUTING ACCEPT [2627433:2884125516]
COMMIT
# Completed on Thu Jan  6 05:57:38 2005
# Generated by iptables-save v1.2.8 on Thu Jan  6 05:57:38 2005
*filter
:INPUT ACCEPT [292528:88815113]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [148233:81064206]
COMMIT
# Completed on Thu Jan  6 05:57:38 2005
I even tried to block myself and it didn't work! Please help.
 
Old 01-06-2005, 08:35 AM   #2
musicman_ace
Senior Member
 
Registered: May 2001
Location: Indiana
Distribution: Gentoo, Debian, RHEL, Slack
Posts: 1,555

Putting a drop on the INPUT chain would stop them from accessing your PC from that IP address. If you want to block yourself from an IP, shouldn't it go on the OUTPUT chain?
 
Old 01-06-2005, 08:38 AM   #3
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,679

Look at the output of:
iptables -L

Did you save the current rules with iptables-save command? If not then the file will not show that rule.

I see that you did save the tables.

Last edited by michaelk; 01-06-2005 at 08:39 AM.
 
Old 01-06-2005, 09:01 AM   #4
picox
LQ Newbie
 
Registered: Dec 2004
Posts: 5

Original Poster
Quote:
Originally posted by michaelk
Look at the output of:
iptables -L

Did you save the current rules with iptables-save command? If not then the file will not show that rule.

I see that you did save the tables.

iptables -L doesn't show me anything.
 
Old 01-06-2005, 09:05 AM   #5
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,679

Is iptables even running?
 
Old 01-07-2005, 01:49 AM   #6
nirav.jani
Member
 
Registered: Nov 2004
Location: Hyderabad, India
Distribution: Fedora Core - II, RedHat - 9
Posts: 45

The same thing is happening with me also, even though I have downloaded the latest version of iptables from www.netfilter.org
and installed it. I don't know what the problem is, but I am not able to block INPUT traffic from a particular IP address as per picox, and yes, as far as I know this command should stop all traffic coming from a particular IP address.
I have just modified it and it is
iptables -A INPUT -i eth0 -s xxx.xxx.xxx.xxx -j DROP
It must work with at least one input source, that is eth0, but it is not working; why, I don't know.
Nirav
 
Old 01-09-2005, 05:35 PM   #7
CodeFish
LQ Newbie
 
Registered: Apr 2004
Distribution: Mandrake
Posts: 11

picox,

You have to load your rule-set before using iptables-save. You may need to activate iptables:
$ service iptables start

Initially, there are no rules. One option is to edit /etc/rc.d/init.d/iptables.
See "Iptables Tutorial 1.1.19" by Oskar Andreasson at frozentux.net for other options and more details.

---

Nirav,

try,

iptables -A INPUT -i eth0 -s -j DROP
or
iptables -A INPUT -i eth0 -s 0/0 -j DROP
 
Old 01-10-2005, 01:28 AM   #8
nirav.jani
Member
 
Registered: Nov 2004
Location: Hyderabad, India
Distribution: Fedora Core - II, RedHat - 9
Posts: 45

Yes, that is what I have tried previously. The problem with the command
iptables -A INPUT -i eth0 -s -j DROP - it will show an error or something like take help by iptables -h - because we haven't provided the IP address or anything with the -s option.

With the command
iptables -A INPUT -i eth0 -s 0/0 -j DROP it will block all the websites - as far as I know, but I want to stop only one IP address - or say traffic from any one IP address to my computer.

Anyway, I don't know whether any settings have been changed or what, but I am still not able to stop traffic from any one IP address, and the command like

iptables -A INPUT -i eth0 -s XXX.XXX.XXX.XXX -j DROP

still works fine - with no effect on traffic from that site.

Any solutions?
nirav
 
Old 01-10-2005, 02:54 AM   #9
nirav.jani
Member
 
Registered: Nov 2004
Location: Hyderabad, India
Distribution: Fedora Core - II, RedHat - 9
Posts: 45

Hi all,
In my problem I got success after flushing all the chains and changing the default policies of the chains.
I have gone through this link and used it to do my job:
http://iptables-tutorial.frozentux.n...h-iptables.txt

enjoy
Nirav
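
Added example (not from any poster in this thread): a shell check for the symptom discussed above, reading iptables-save output and reporting whether the filter table's INPUT chain holds a DROP rule for a source address. It goes slightly beyond the thread by also flagging an earlier ACCEPT rule that would be tested first; the name check_drop, the address 192.0.2.10 and the two rule-bearing dumps are constructed, while the empty dump is the filter table from the first post.

```shell
#!/bin/sh
# check_drop SRC: read iptables-save output on stdin and report whether the
# filter table INPUT chain drops traffic from SRC.
# Prints: missing  (no DROP rule for SRC; the symptom in the first post)
#         active   (DROP rule present, no earlier ACCEPT rule found for SRC)
#         shadowed (an earlier ACCEPT with no -s, or with -s SRC, is tested first)
# Simplification: only plain "-s ADDR" host matches are compared.
check_drop() {
    awk -v src="$1" '
        /^\*/ { table = substr($0, 2); next }   # table header: *filter, *mangle
        table != "filter" || $1 != "-A" || $2 != "INPUT" { next }
        {
            s = ""; j = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-j") j = $(i + 1)
            }
            sub(/\/32$/, "", s)   # iptables-save may print a host as a.b.c.d/32
            if (found) next       # rules after the DROP cannot change the result
            if (j == "ACCEPT" && (s == "" || s == src)) shadow = 1
            if (j == "DROP" && s == src) { found = 1; state = shadow ? "shadowed" : "active" }
        }
        END { print (found ? state : "missing") }
    '
}

# Filter table exactly as posted in the thread: policies only, no rules.
EMPTY='*filter
:INPUT ACCEPT [292528:88815113]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [148233:81064206]
COMMIT'

# Constructed dumps; 192.0.2.10 is a documentation address.
LOADED='*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 192.0.2.10 -j DROP
COMMIT'
SHADOWED='*filter
:INPUT ACCEPT [0:0]
-A INPUT -i eth0 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -i eth0 -j DROP
COMMIT'

for dump in "$EMPTY" "$LOADED" "$SHADOWED"; do
    printf '%s\n' "$dump" | check_drop 192.0.2.10
done
```

On a live host the same function can be fed directly, as root, with `iptables-save | check_drop <address>`.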
 
  

