[lug] simple iptables mystery
Hugh Brown
hugh at math.byu.edu
Fri Mar 21 13:51:57 MST 2003
On Thu, 2003-03-06 at 21:25, D. Stimits wrote:
> On a RH 8 (KRUD) box, I have a mystery, which should not be happening. I
> admit I know very little about iptables, I've used ipchains forever, but
> this is so simple I don't understand why it won't work. In
> /etc/sysconfig/ is the iptables file (and I run service iptables restart
> after changes). I am trying to get it to accept anything on the private
> eth0 NIC (it has another NIC for outside world), and the following fails
> to allow anything below port 1024 in:
>
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Lokkit-0-50-INPUT - [0:0]
> -A INPUT -j RH-Lokkit-0-50-INPUT
>
> -A RH-Lokkit-0-50-INPUT -s 0/0 -d 0/0 -i eth0 -j ACCEPT
>
The config that redhat created for me puts a COMMIT at the bottom.
You could also try doing 'service iptables stop'

iptables --policy INPUT ACCEPT
iptables --policy OUTPUT ACCEPT
iptables --policy FORWARD ACCEPT
iptables -N RH-Lokkit-0-50-INPUT   # the chain must exist before -A can jump to it
iptables -A INPUT -j RH-Lokkit-0-50-INPUT
iptables -A RH-Lokkit-0-50-INPUT -i eth0 -j ACCEPT

and then do an iptables-save to see how it outputs the info
FWIW,
Hugh
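As an added example (not part of the thread), a small linter for iptables-save style files that catches the two things discussed above: a *table block that never reaches COMMIT, so iptables-restore silently loads nothing, and a -j target naming a chain that was never declared. The sample rule file is constructed from the poster's quoted config.

```python
"""Lint an iptables-save style file for a missing COMMIT and undeclared -j chains."""
import re

# Targets that are valid without a ':CHAIN' declaration (assumed common set).
BUILTIN_TARGETS = {"ACCEPT", "DROP", "REJECT", "RETURN", "LOG", "MASQUERADE",
                   "SNAT", "DNAT", "QUEUE", "REDIRECT"}


def lint_iptables_save(text):
    """Return a list of human-readable problems found in `text`."""
    problems = []
    table, chains, rules = None, set(), []

    def close_table(committed):
        # Called when a table ends (COMMIT, next *table, or end of file).
        if table is None:
            return
        if not committed:
            problems.append(f"table {table}: no COMMIT, rules are never loaded")
        for lineno, target in rules:
            if target not in chains and target not in BUILTIN_TARGETS:
                problems.append(f"line {lineno}: -j {target} names an undeclared chain")

    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):                 # start of a table block
            close_table(committed=False)
            table, chains, rules = line[1:], set(), []
        elif line.startswith(":"):               # chain declaration
            chains.add(line[1:].split()[0])
        elif line == "COMMIT":
            close_table(committed=True)
            table = None
        else:                                    # a rule line; record its jump target
            m = re.search(r"-j\s+(\S+)", line)
            if m:
                rules.append((lineno, m.group(1)))
    close_table(committed=False)
    return problems


# Constructed sample: the poster's file, which never reaches COMMIT.
BROKEN = """*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -s 0/0 -d 0/0 -i eth0 -j ACCEPT
"""
FIXED = BROKEN + "COMMIT\n"

if __name__ == "__main__":
    for name, text in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, lint_iptables_save(text) or "ok")
```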