Help with Iptables

[Attech]

Hello Forumites,
Need some help please with Iptables.
My friend sent me this info to input:

sudo -s

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -i lo -j ACCEPT
iptables -A INPUT -j REJECT

I did it exactly as suggested but get errors - came someone please rectify/correct, please.

 

[koffiejunkie]

What errors did you get?

 

[Attech]

What errors did you get?

2nd or middle line is rejected - Error is " iptables v1.4.4: no command specified"

 

[Tinuva]

Hello Forumites,
Need some help please with Iptables.
My friend sent me this info to input:

sudo -s

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -i lo -j ACCEPT
iptables -A INPUT -j REJECT

I did it exactly as suggested but get errors - came someone please rectify/correct, please.

# Allow local connections
/usr/sbin/iptables -A INPUT -i lo -j ACCEPT
# Allow established connections, and those not coming from the outside
/usr/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Reject everything else
/usr/sbin/iptables -A INPUT -j DROP

I suggest use DROP over REJECT. Usually it works better and saves a tiny bit of bandwidth as it doesn't reply to every incoming request.

Additionally you might want to allow at least icmp, but that is up to you.

 

[RSkeens]

Hi Attech,

Try replacing the second line with:

iptables -I lo -j ACCEPT

The 'I' should be uppercase. Best of luck.

 

[Tinuva]

Hi Attech,

Try replacing the second line with:

iptables -I lo -j ACCEPT

The 'I' should be uppercase. Best of luck.

That still wouldn't work, since you not specifying which chain the rule should go to. Look at my example above.
ie.

/usr/sbin/iptables -A INPUT -i lo -j ACCEPT

The '-i' should definitely be lower case. It is the '-A INPUT' that is missing.

 

[RSkeens]

The '-i' should definitely be lower case. It is the '-A INPUT' that is missing.

Yup, you're right. Should have tested mine out before jumping in.

 

[kingrob]

Never mind

?????

 

[MyWorld]

Cannot delete a post, or I have missed that feature, so it should have read:
EDIT: Never mind

EDIT:
Yup, missed it, sorry should have deleted the post which I'll do now.

 

[kingrob]

Was just getting worried that our inhouse guru is stumped by the question.

 

[Attech]

Thanks all you marvellous folks!!!!!!!!!!

?????

Ya got me foxed there also - thought I had put in the wrong punctuation somewhere.
You know you could easily confuse a newbie (like me) into believing that. Wow! I am having a real quick, steep & dazy (I walk around dazed the whole day) intro into Linux!!!
I finally got things going the "easy way" downloaded & installed Firestarter - hope I have configured it according to what I had wanted which is a ultra secure connection for Internet & mail. But not to worry guys - I am slowly converting all my PC's to Linux & will definitely try out the suggestions volunteered by MYADSL support members - on the rest of the office - 2 down another 5 to go!!!
But it is good to know help is a few mouse clicks away. Thanks you guys!!!

 

[submarine]

Another Satisfied MyAdsl Member............
I don't understand much of this but it's good to see fellow members assisting in good spirit. I would go the Linux route if someone could show me exactly how to install VirtualBox just for the odd 3 or 4 windows applications I need for my work. I am completely not knowledgeable with Linux.

 

[kingrob]

Another Satisfied MyAdsl Member............
I don't understand much of this but it's good to see fellow members assisting in good spirit. I would go the Linux route if someone could show me exactly how to install VirtualBox just for the odd 3 or 4 windows applications I need for my work. I am completely not knowledgeable with Linux.

If you want to know more about VirtualBox, just go here : http://www.virtualbox.org/

There is so much information about VirtualBox, it scares me.

 

[Lupus]

Great link if you want to learn iptables and play with them. Especially if it's Ubuntu

http://ubuntuforums.org/showthread.php?t=159661