[Centos] Messing around with iptables

Andrew.Cotter@xxxxxxxxxxxxxxxxxxx (Andrew Cotter) · Fri, 13 Aug 2004 09:06:24 -0400

If you want to get serious about firewalls, I suggest picking up a good
book.

My favorite so far is "Linux Firewalls" by Robert L. Ziegler.

Of course there are tons of resources on the net that can be very helpful
too!

Good luck!

-----Original Message-----
From: centos-admin@xxxxxxxxxxx [mailto:centos-admin@xxxxxxxxxxx]On
Behalf Of scty Library
Sent: Friday, August 13, 2004 8:27 AM
To: centos Linux
Subject: Re: [Centos] Messing around with iptables

Hello all,

Thanks for all your advice I will probably use one of
the distro/products suggested.

I did figure out why it didn't work.  I already had
the RH firewall enabled so that took precedences.
When I disabled it I was then able to use that command
and it worked just fine.

Thanks again.

--- Dag Wieers <dag@xxxxxxxxxx> wrote:

> On Thu, 12 Aug 2004, scty Library wrote:
>
> > No, that did not work either.
>
> Allow me to demonstrate this one:
>
> 	[root@emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
> 	64 bytes from 127.0.0.1: icmp_seq=0 ttl=64
> time=0.049 ms
> 	64 bytes from 127.0.0.1: icmp_seq=1 ttl=64
> time=0.047 ms
>
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 2 received, 0% packet loss,
> time 1002ms
> 	rtt min/avg/max/mdev = 0.047/0.048/0.049/0.001 ms,
> pipe 2
>
> 	[root@emyn ~]# iptables -A INPUT -d 127.0.0.1 -p
> icmp -j DROP
>
> 	[root@emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
>
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 0 received, 100% packet
> loss, time 1002ms
>
> 	[root@emyn ~]# iptables -L INPUT -xnv
> 	Chain INPUT (policy ACCEPT 29425 packets, 14876789
> bytes)
> 	    pkts      bytes target     prot opt in     out
>    source               destination
> 	       2      168 DROP       icmp --  *      *
>  0.0.0.0/0            127.0.0.1
>
> 	[root@emyn ~]# iptables -D INPUT -d 127.0.0.1 -p
> icmp -j DROP
>
> 	[root@emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
> 	64 bytes from 127.0.0.1: icmp_seq=0 ttl=64
> time=0.050 ms
> 	64 bytes from 127.0.0.1: icmp_seq=1 ttl=64
> time=0.047 ms
>
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 2 received, 0% packet loss,
> time 1017ms
> 	rtt min/avg/max/mdev = 0.047/0.048/0.050/0.007 ms,
> pipe 2
>
> It should be the same for you.
>
> Kind regards,
> --   dag wieers,  dag@xxxxxxxxxx,
> http://dag.wieers.com/   --
> [Any errors in spelling, tact or fact are
> transmission errors]
>

__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxxx
http://www.caosity.org/mailman/listinfo/centos