Re: A simple question

Ok Antony, thanks for the help and sorry for my second mail, I was a bit in a hurry yesterday ;-)
Maybe I have to review the TCP protocol...


Gianni

Antony Stone wrote:

On Tuesday 06 April 2004 3:25 am, Gianni Pucciani wrote:



Hi all,
I'm new to the use of iptables. I set this script for my home
workstation, but when I apply these rules everything stops functioning.
I guess I'm doing something stupid but this is my very first time with
iptables, so sorry.



The major problem with your ruleset is that you have no rules in either your INPUT or OUTPUT chains to allow reply packets.


My recommendation is to start simple, and add things bit by bit. Then if something goes wrong, you only need to look at the (simple) thing you added most recently.

For a home workstation, try the following ruleset (which will allow more traffic than you say you want, but is still secure from the outside world).

You can add more specific rules to allow only the correct traffic, and to allow limited connections from the outside, as you want to.

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j ACCEPT

Regards,

Antony.
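
The point about reply packets, as an added example that is not part of the original thread: a simplified Python model of state matching (not netfilter itself) that runs one outbound web connection and one unsolicited inbound probe through a DROP-policy ruleset without a reply rule, then through the ruleset suggested above. The class names, the `browse` helper, the rule representation and the packet addresses are all constructed for illustration, and RELATED is accepted by the rule but never produced by this model.

```python
# Added illustration: a simplified model of state matching, not netfilter itself.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

    def key(self):
        return (self.src, self.sport, self.dst, self.dport)

    def reply_key(self):
        # The tuple the original-direction packet of this flow would carry.
        return (self.dst, self.dport, self.src, self.sport)

class Firewall:
    def __init__(self, input_rules, output_rules):
        # Each rule is (set of states, or None for "any state", verdict).
        self.rules = {"INPUT": input_rules, "OUTPUT": output_rules}
        self.flows = {}  # original-direction tuple -> reply seen yet?

    def state(self, pkt):
        if pkt.reply_key() in self.flows:      # answer to a tracked flow
            self.flows[pkt.reply_key()] = True
            return "ESTABLISHED"
        return "ESTABLISHED" if self.flows.get(pkt.key()) else "NEW"

    def traverse(self, chain, pkt):
        state = self.state(pkt)
        for states, verdict in self.rules[chain]:
            if states is None or state in states:
                break                          # first matching rule wins
        else:
            verdict = "DROP"                   # chain policy (-P <chain> DROP)
        if verdict == "ACCEPT" and state == "NEW":
            self.flows.setdefault(pkt.key(), False)  # start tracking the flow
        return verdict

def browse(fw):
    # Constructed packets using documentation address ranges.
    syn = Packet("192.0.2.10", 40000, "198.51.100.5", 80)
    syn_ack = Packet("198.51.100.5", 80, "192.0.2.10", 40000)
    probe = Packet("203.0.113.9", 5555, "192.0.2.10", 22)
    return (fw.traverse("OUTPUT", syn), fw.traverse("INPUT", syn_ack),
            fw.traverse("INPUT", probe))

ACCEPT_ALL = [(None, "ACCEPT")]                           # -A OUTPUT -j ACCEPT
STATE_RULE = [({"ESTABLISHED", "RELATED"}, "ACCEPT")]     # -A INPUT -m state ...
```

`browse(Firewall([], ACCEPT_ALL))` shows the outbound SYN leaving and its SYN-ACK being dropped on INPUT; with `STATE_RULE` on INPUT the reply is accepted while the unsolicited probe is still dropped.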





