Mopar1973Man

HELP! Stuck with Ubuntu iptables


Ummm... I know this is more directed at Rogan. But I'm hoping to get some help on how to work with iptables a bit more. I would like to build up a solid firewall on my server / PC. Webmin was nice enough to build an incoming firewall for me and set up the basic ports for SSH, HTML, etc. But I want to limit outgoing traffic too. So I tried reversing the direction of the port, like for example...

Inbound.

ACCEPT If protocol is TCP and destination port is 80

So I figure it would be the other way around for outbound.

Outbound.

ACCEPT If protocol is TCP and source port is 80

Default action on both chains is DROP.

Maybe I need a good training course on how to write proper iptable chains without locking myself out of the internet. Yes. I ended up killing all outbound signals and managed to terminal my way back by flushing the outbound and changing back to default action ACCEPT on Outbound.

Talk about a mean firewall. You can quite literally lock all the doors and windows and be stuck. :banghead::ahhh:


Ok... I'm gaining ground I think... :think: I copied the inbound iptables and reversed them and set them up as outbound tables.

Accept If output interface is not eth0
Accept If protocol is TCP and TCP flags ACK (of ACK) are set
Accept If state of connection is ESTABLISHED
Accept If state of connection is RELATED
Accept If protocol is UDP and destination port is 53 and source port is 1024:65535
Accept If protocol is TCP and source and destination ports are 53
Accept If protocol is UDP and source and destination ports are 53
Accept If protocol is TCP and source port is 80
Accept If protocol is TCP and source port is 443
Accept If protocol is TCP and source port is 10000:10010 (Webmin)

At least now I can get back out to the web again. It's a basic firewall at the moment.

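An added example, not part of the original posts: one way to lay out the outbound (OUTPUT) chain discussed above with plain iptables commands. It assumes a host that browses the web, resolves DNS and also serves SSH/HTTP/HTTPS/Webmin, and that the conntrack match is available; the `IPT` variable and the `egress_rules` function are names made up for this sketch, and by default it only prints the commands.

```shell
#!/bin/sh
# Dry run by default: prints each iptables command instead of executing it.
# Run as root with IPT=iptables to apply the rules for real.
IPT="${IPT:-echo iptables}"

egress_rules() {
    # Keep the policy open while the chain is rebuilt, so a mistake in the
    # rules below cannot cut off the session that is loading them.
    $IPT -P OUTPUT ACCEPT
    $IPT -F OUTPUT

    # Loopback traffic never leaves the machine.
    $IPT -A OUTPUT -o lo -j ACCEPT

    # Packets of connections the firewall already knows about. This covers
    # the answers of local services (sshd, web server on 80/443, Webmin on
    # 10000) to clients admitted by the INPUT chain, so no per-service
    # source-port rule is needed on the way out.
    $IPT -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # New connections opened by this host. The remote service's port is the
    # DESTINATION port; the local source port is an ephemeral one.
    $IPT -A OUTPUT -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
    $IPT -A OUTPUT -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
    for port in 80 443; do
        $IPT -A OUTPUT -p tcp --dport "$port" -m conntrack --ctstate NEW -j ACCEPT
    done

    # Rate-limited log of whatever is about to be dropped, to find the
    # rule that is still missing instead of guessing.
    $IPT -A OUTPUT -m limit --limit 5/min -j LOG --log-prefix OUT-DROP:

    # Close the chain last, once every ACCEPT rule is in place.
    $IPT -P OUTPUT DROP
}

egress_rules
```

Review the printed commands first; when applying over SSH, keep a second session or console access open until the new policy is confirmed to work.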

Can't help much buddy, all I know is

service iptables stop

Haha. But if you ever get really stuck, I work next to some Linux and Solaris admins - can get you answers that way, just email or PM me with your question. For what it's worth.


9 hrs ago (when you posted this) I was fast asleep! lol

iptables is quite an extensive section to learn. You can (if you haven't already) type:

# man iptables

and the list of info is quite long. If you'd like to soft-copy it to a text file:

# man iptables > /home/rwall/iptables.txt

Obviously use /your/home/path/file.ext. It's just under 100Kb text file, to give you an idea of the amount of info provided.
