Hello there ,
I have a problem with iptables rules , so i try to make a firewall but still blocking my vpn connection or when i'm connected in a vpn i have a deconnection this is my rules :
But still blocked.#!/bin/sh
# FLUSH TABLES
iptables -t filter -F
# Flush personal tables
iptables -t filter -X
#dont break connection connected
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# OKr loopback
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT
# ICMP (Ping)
iptables -t filter -A INPUT -p icmp -j ACCEPT
iptables -t filter -A OUTPUT -p icmp -j ACCEPT
# ---
# SSH In
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
# SSH Out
iptables -t filter -A OUTPUT -p tcp --dport 22 -j ACCEPT
# DNS In/Out
iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT
# NTP Out
iptables -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
# HTTP + HTTPS Out
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
# HTTP + HTTPS In
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 8443 -j ACCEPT
#VPN
iptables -A INPUT -p TCP --dport 1723 -j ACCEPT
iptables -A OUTPUT -p TCP --dport 1723 -j ACCEPT
iptables -A INPUT -p UDP --dport 1723 -j ACCEPT
iptables -A OUTPUT -p UDP --dport 1723 -j ACCEPT
#skype
iptables -A INPUT -p TCP --dport 23399 -j ACCEPT
Any help ?
Regards .
Results 1 to 6 of 6
Thread: iptables vpn rules
-
29th March 2010, 12:25 AM #1Member
- Join Date
- Jun 2009
- Posts
- 37
- Thanks
- 1
- Thanked 0 Times in 0 Posts
- Rep Power
- 0
iptables vpn rules
-
29th March 2010, 01:29 PM #2Member
- Join Date
- Mar 2010
- Posts
- 62
- Thanks
- 19
- Thanked 5 Times in 4 Posts
- Rep Power
- 4
Is it PPTP based vpn? Your script is so wrong... you are not dropping traffic for any chain at start or end but still opening and closing all ports which is a bad design.
29th March 2010, 05:28 PM #3Member
- Join Date
- Jun 2009
- Posts
- 37
- Thanks
- 1
- Thanked 0 Times in 0 Posts
- Rep Power
- 0
Yes is PPTP BASED.
Originally Posted by meta
Where is wrong in my script ?
29th March 2010, 06:23 PM #4Member
- Join Date
- Mar 2010
- Posts
- 62
- Thanks
- 19
- Thanked 5 Times in 4 Posts
- Rep Power
- 4
Are you using CentoS or Debian?
29th March 2010, 10:04 PM #5Member
- Join Date
- Jun 2009
- Posts
- 37
- Thanks
- 1
- Thanked 0 Times in 0 Posts
- Rep Power
- 0
I have Ubuntu
31st March 2010, 10:23 PM #6Member
- Join Date
- Jun 2009
- Posts
- 37
- Thanks
- 1
- Thanked 0 Times in 0 Posts
- Rep Power
- 0
Up please !
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
how to make iptable rules?
By saroj in forum Networking, Firewalls and SecurityReplies: 9Last Post: 31st August 2011, 10:51 PM -
lighttpd redirect rules!
By maxtox in forum Web serversReplies: 9Last Post: 16th July 2010, 11:33 PM -
iptables rules blocking ftp
By hammooda in forum Linux softwareReplies: 7Last Post: 23rd September 2006, 04:24 PM -
iptables rules for three ethernet
By brijeshchougule in forum Linux softwareReplies: 2Last Post: 16th June 2005, 02:42 PM -
Forum rules
By vivek in forum Feedback & Site NewsReplies: 0Last Post: 1st February 2005, 11:04 AM
Posting Permissions
Reply With Quote