Find the answer to your Linux question:
Results 1 to 5 of 5
Hello everybody, I hope all is well. I recently installed Debian 6.0.5 on a Eee PC 1025c. The graphics card was not supported by any version of the kernel so ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2012
    Posts
    3

    iptables and the Kernel


    Hello everybody,

    I hope all is well.

    I recently installed Debian 6.0.5 on a Eee PC 1025c. The graphics card was not supported by any version of the kernel so I obtained the driver sources from Intel and included them when I compiled the kernel. The graphics are functioning swimmingly now. The problem is with iptables as well as UFW. When I try to block incoming traffic, it blocks all outgoing traffic as well.

    Is there something I missed while I was configuring the kernel before I compiled it?

    When I boot into the kernel that came with the distribution (2.6.32-5-686) iptables functions without issue.

    Thank You

    Cheers

  2. #2
    Linux Engineer
    Join Date
    Apr 2012
    Location
    Virginia, USA
    Posts
    794
    Hello,

    You need to add a rule to the incoming chain that allows 'RELATED,ESTABLISHED' connections in. Your packets are getting out, but it's not letting the return packets in without that rule.
    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    Last edited by mizzle; 08-31-2012 at 03:39 AM. Reason: wrote the wrong rule

  3. #3
    Just Joined!
    Join Date
    Aug 2012
    Posts
    3
    That seems to be accepting all traffic from the outside and blocking nothing.

  4. #4
    Just Joined!
    Join Date
    Aug 2012
    Posts
    3
    If I use:
    iptables -A INPUT -m state ESTABLISHED -j ACCEPT
    and
    iptables -A INPUT -s 127.0.0.1 -i lo -j ACCEPT

    Seems to do the trick, allows all of the outgoing traffic but blocks all the incoming traffic.


    Cheers

  5. #5
    Linux Engineer
    Join Date
    Apr 2012
    Location
    Virginia, USA
    Posts
    794
    My apologies. It should be
    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •