Eugene Joubert wrote:
Doh! So true. Ok, now I have fixed that but I still cannot get to SSH. The new rules are:
First of all, your SSH connection doesn't work because you have got your OUTPUT policy as DROP. Now surely if you want the Linux box to return your request you need to allow it to do so :-)
$IPT --policy INPUT DROP
$IPT --policy OUTPUT ACCEPT
$IPT --policy FORWARD DROP
# Loopback accepts everything
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT
# Accept ICMP
$IPT -A INPUT -p icmp -j ACCEPT
# Allow previously established connections
$IPT -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# HTTP, HTTPS, SSH
$IPT -A INPUT -p TCP -s 0/0 -i eth0 -d $IP --dport 80 -j ACCEPT
$IPT -A INPUT -p TCP -s 0/0 -i eth0 -d $IP --dport 443 -j ACCEPT
$IPT -A INPUT -p TCP -s 0/0 -i eth0 -d $IP --dport 22 -j ACCEPT
# DNS
$IPT -A INPUT -p tcp --dport 53 -j ACCEPT
$IPT -A INPUT -p udp --dport 53 -j ACCEPT
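Added here as an illustration and not part of the thread: a toy model of how these chains are evaluated (first matching rule wins, otherwise the chain policy applies), run over the rules above with a few constructed packets. It shows which rule covers the reply direction of an inbound SSH session, and that with INPUT DROP the replies to connections the box itself opens (its own DNS lookups, for instance) are dropped unless INPUT also gets an ESTABLISHED,RELATED rule.

```python
# Toy model of iptables filter-chain evaluation: the first matching rule in
# the packet's chain decides, otherwise the chain policy applies.
# Constructed illustration, not the poster's script. Connection tracking is
# reduced to a per-packet "state" field (NEW or ESTABLISHED).

def rule(chain, target, **match):
    return {"chain": chain, "target": target, "match": match}

def verdict(rules, policies, pkt):
    """Walk the packet's chain in order; fall back to the chain policy."""
    for r in rules:
        if r["chain"] != pkt["chain"]:
            continue
        if all(pkt.get(k) == v for k, v in r["match"].items()):
            return r["target"]
    return policies[pkt["chain"]]

def build(output_policy, output_state_rule, input_state_rule):
    """The thread's rules, with the two state rules made optional."""
    policies = {"INPUT": "DROP", "OUTPUT": output_policy, "FORWARD": "DROP"}
    rules = [rule("INPUT", "ACCEPT", iface="lo"),
             rule("OUTPUT", "ACCEPT", iface="lo"),
             rule("INPUT", "ACCEPT", proto="icmp")]
    if output_state_rule:   # the -m state --state ESTABLISHED,RELATED line
        rules.append(rule("OUTPUT", "ACCEPT", state="ESTABLISHED"))
    for port in (80, 443, 22):
        rules.append(rule("INPUT", "ACCEPT", proto="tcp", iface="eth0", dport=port))
    rules.append(rule("INPUT", "ACCEPT", proto="tcp", dport=53))
    rules.append(rule("INPUT", "ACCEPT", proto="udp", dport=53))
    if input_state_rule:    # the INPUT counterpart the posted rules lack
        rules.append(rule("INPUT", "ACCEPT", state="ESTABLISHED"))
    return rules, policies

# Constructed packets: an inbound SSH connection and its reply, and the
# reply to a DNS lookup the box itself made (an outbound connection).
PACKETS = {
    "ssh_syn":   {"chain": "INPUT",  "iface": "eth0", "proto": "tcp", "dport": 22, "state": "NEW"},
    "ssh_reply": {"chain": "OUTPUT", "iface": "eth0", "proto": "tcp", "sport": 22, "state": "ESTABLISHED"},
    "dns_reply": {"chain": "INPUT",  "iface": "eth0", "proto": "udp", "sport": 53,
                  "dport": 40123, "state": "ESTABLISHED"},
}

def check(output_policy, output_state_rule=True, input_state_rule=False):
    """Verdict per packet for one variant of the ruleset."""
    rules, policies = build(output_policy, output_state_rule, input_state_rule)
    return {name: verdict(rules, policies, pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    for cfg in (("DROP", False), ("DROP", True), ("ACCEPT", True), ("ACCEPT", True, True)):
        print(cfg, check(*cfg))
```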