Thread: iptables help
View Single Post

  #1 (permalink)  
Old 08-21-2007, 01:15 PM
vitaminme vitaminme is offline
Junior Member
User
  
Join Date: Aug 2007
My distro: redhat
Posts: 3
Rep Power: 0
vitaminme is on a distinguished road
Default iptables help
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 192.168.0.1 anywhere tcp dpt:ssh
DROP tcp -- anywhere anywhere tcp dpt:ssh
DROP tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:squid
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:netbios-ssn
ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (0 reference
target prot opt source destination

Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


Here's what my iptables looks like.
if i append a below line in input policy internet on client machine stops workin. just want the reason why internet stops workin
iptables -A INPUT -j DROP
even forwarding is enabled "net.ipv4.ip_forward = 1"

or should i set input policy as drop "iptables -P INPUT DROP"

Reply With Quote