iptables and the Kernel

Printable View

08-30-2012
Brillo

iptables and the Kernel

Hello everybody,

I hope all is well.

I recently installed Debian 6.0.5 on a Eee PC 1025c. The graphics card was not supported by any version of the kernel so I obtained the driver sources from Intel and included them when I compiled the kernel. The graphics are functioning swimmingly now. The problem is with iptables as well as UFW. When I try to block incoming traffic, it blocks all outgoing traffic as well.

Is there something I missed while I was configuring the kernel before I compiled it?

When I boot into the kernel that came with the distribution (2.6.32-5-686) iptables functions without issue.

Thank You

Cheers
08-30-2012
mizzle

Hello,

You need to add a rule to the incoming chain that allows 'RELATED,ESTABLISHED' connections in. Your packets are getting out, but it's not letting the return packets in without that rule.
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
08-30-2012
Brillo

That seems to be accepting all traffic from the outside and blocking nothing.
08-30-2012
Brillo

If I use:
iptables -A INPUT -m state ESTABLISHED -j ACCEPT
and
iptables -A INPUT -s 127.0.0.1 -i lo -j ACCEPT

Seems to do the trick, allows all of the outgoing traffic but blocks all the incoming traffic.

Cheers
08-31-2012
mizzle

My apologies. It should be
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT