Help with Iptables

A

Attech

Member
Joined
Feb 5, 2010
Messages
21
Reaction score
0
Hello Forumites,
Need some help please with Iptables.
My friend sent me this info to input:

sudo -s

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -i lo -j ACCEPT
iptables -A INPUT -j REJECT

I did it exactly as suggested but get errors - came someone please rectify/correct, please.
 
Attech said:
Hello Forumites,
Need some help please with Iptables.
My friend sent me this info to input:

sudo -s

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -i lo -j ACCEPT
iptables -A INPUT -j REJECT

I did it exactly as suggested but get errors - came someone please rectify/correct, please.
Click to expand...

# Allow local connections
/usr/sbin/iptables -A INPUT -i lo -j ACCEPT
# Allow established connections, and those not coming from the outside
/usr/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Reject everything else
/usr/sbin/iptables -A INPUT -j DROP

I suggest use DROP over REJECT. Usually it works better and saves a tiny bit of bandwidth as it doesn't reply to every incoming request.

Additionally you might want to allow at least icmp, but that is up to you.
 
Hi Attech,

Try replacing the second line with:

Code: 
iptables -I lo -j ACCEPT

The 'I' should be uppercase. Best of luck.
 
RavenServers said:
Hi Attech,

Try replacing the second line with:

Code: 
iptables -I lo -j ACCEPT

The 'I' should be uppercase. Best of luck.
Click to expand...
That still wouldn't work, since you not specifying which chain the rule should go to. Look at my example above.
ie.
Code: 
/usr/sbin/iptables -A INPUT -i lo -j ACCEPT
The '-i' should definitely be lower case. It is the '-A INPUT' that is missing.
 
Cannot delete a post, or I have missed that feature, so it should have read:
EDIT: Never mind

EDIT:
Yup, missed it, sorry should have deleted the post which I'll do now.
 
Was just getting worried that our inhouse guru is stumped by the question. :)
 
Thanks all you marvellous folks!!!!!!!!!!

kingrob said:
?????
Click to expand...

Ya got me foxed there also - thought I had put in the wrong punctuation somewhere.
You know you could easily confuse a newbie (like me) into believing that. Wow! I am having a real quick, steep & dazy (I walk around dazed the whole day) intro into Linux!!!
I finally got things going the "easy way" downloaded & installed Firestarter - hope I have configured it according to what I had wanted which is a ultra secure connection for Internet & mail. But not to worry guys - I am slowly converting all my PC's to Linux & will definitely try out the suggestions volunteered by MYADSL support members - on the rest of the office - 2 down another 5 to go!!!
But it is good to know help is a few mouse clicks away. Thanks you guys!!!
 
Another Satisfied MyAdsl Member............
I don't understand much of this but it's good to see fellow members assisting in good spirit. I would go the Linux route if someone could show me exactly how to install VirtualBox just for the odd 3 or 4 windows applications I need for my work. I am completely not knowledgeable with Linux.
 
submarine said:
Another Satisfied MyAdsl Member............
I don't understand much of this but it's good to see fellow members assisting in good spirit. I would go the Linux route if someone could show me exactly how to install VirtualBox just for the odd 3 or 4 windows applications I need for my work. I am completely not knowledgeable with Linux.
Click to expand...

If you want to know more about VirtualBox, just go here : http://www.virtualbox.org/

There is so much information about VirtualBox, it scares me. ;)
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X