  1. #1

    iptables script not working

    Dear All,

    I was asked to set up a firewall that has two zones: my LAN (firewall eth1 - ) and the router's connected IP (firewall eth0 - ).

    I have written a script with a DROP policy. Internal ( ) PCs need to access the external SMTP/POP server IP a.b.c.d, and a few PCs also need to connect to it via SSH (PuTTY).

    I have tried to do this using the following script and it is not working. (I only have experience writing a few rules for SMTP/POP servers using the INPUT and OUTPUT chains, not the FORWARD chain.)

    # Drop all
    iptables -P INPUT DROP
    iptables -P OUTPUT DROP
    iptables -P FORWARD DROP
    # Accept loop back address
    iptables -A INPUT -i lo -j ACCEPT
    iptables -A OUTPUT -o lo -j ACCEPT
    # Internal LAN subnet behind eth1 (the value is not shown in the post; set it before running)
    LAN_NET=${LAN_NET:?set to the internal LAN subnet}
    # Forward SMTP/POP3,ssh traffic to and from OUT side
    # Several ports need -m multiport --dports/--sports; a bare --dport takes only one port
    iptables -A FORWARD -i eth1 -o eth0 -p tcp -s $LAN_NET -d a.b.c.d -m multiport --dports smtp,pop3,ssh -m state --state NEW,ESTABLISHED -j ACCEPT
    # Replies arrive on eth0 and leave on eth1, so the interfaces are swapped for the return rule
    iptables -A FORWARD -i eth0 -o eth1 -p tcp -s a.b.c.d -d $LAN_NET -m multiport --sports smtp,pop3,ssh -m state --state ESTABLISHED -j ACCEPT
    # Save and Start Iptables
    service iptables save
    service iptables start
    Using this script I can't access the a.b.c.d server for SMTP, POP3 and SSH.
    Please, someone, help me to correct this.
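The two-zone forwarding setup asked about above, as an added example that is not part of the original thread: a dry-run rule generator for LAN on eth1 and router on eth0 that lets only LAN-initiated SMTP/POP3/SSH sessions reach the mail host, relies on connection tracking for the replies instead of a mirrored --sport rule, keeps management access to the firewall itself, and logs what the DROP policy discards. The subnet, the admin-PC list and the --apply step (sysctl, flush, load) are constructed assumptions, not values from the post.

```shell
#!/bin/sh
# Two-zone forwarding firewall: LAN behind eth1, router/Internet on eth0.
# Every address below is a constructed placeholder, not a value from the post.
LAN_NET="${LAN_NET:-192.168.1.0/24}"                  # placeholder: internal LAN subnet
MAIL_SRV="${MAIL_SRV:-a.b.c.d}"                       # placeholder: external SMTP/POP3/SSH host
SSH_ADMINS="${SSH_ADMINS:-192.168.1.10 192.168.1.11}" # placeholder: LAN PCs allowed SSH to it
IPT="${IPT:-iptables}"

# Print the rule set one command per line without executing anything, so it
# can be reviewed before it is loaded.
gen_rules() {
    for chain in INPUT OUTPUT FORWARD; do
        echo "$IPT -P $chain DROP"
    done
    echo "$IPT -A INPUT -i lo -j ACCEPT"
    echo "$IPT -A OUTPUT -o lo -j ACCEPT"
    # Management of the firewall box itself from the LAN; without this a
    # DROP policy on INPUT/OUTPUT cuts off the SSH session that loads the rules.
    echo "$IPT -A INPUT -i eth1 -s $LAN_NET -p tcp --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT"
    echo "$IPT -A OUTPUT -o eth1 -d $LAN_NET -p tcp --sport ssh -m state --state ESTABLISHED -j ACCEPT"
    # Replies in either direction match the conntrack rule, so no mirrored
    # --sport rule with swapped interfaces is needed.
    echo "$IPT -A FORWARD -m state --state INVALID -j DROP"
    echo "$IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Only the LAN may open sessions, and only to the mail host. Several
    # ports need -m multiport --dports; a plain --dport takes one port.
    echo "$IPT -A FORWARD -i eth1 -o eth0 -s $LAN_NET -d $MAIL_SRV -p tcp -m multiport --dports smtp,pop3 -m state --state NEW -j ACCEPT"
    for admin in $SSH_ADMINS; do
        echo "$IPT -A FORWARD -i eth1 -o eth0 -s $admin -d $MAIL_SRV -p tcp --dport ssh -m state --state NEW -j ACCEPT"
    done
    # Rate-limited log of whatever the DROP policy will discard, which is the
    # first place to look when "it is not working".
    echo "$IPT -A FORWARD -m limit --limit 5/min -j LOG --log-prefix 'FWD-DROP: '"
}

# Load the rules. FORWARD rules never see a packet unless the kernel forwards.
apply_rules() {
    sysctl -w net.ipv4.ip_forward=1
    "$IPT" -F && "$IPT" -X
    gen_rules | sh -e
}

case "${1:-}" in
    --apply) apply_rules ;;
    *)       gen_rules ;;
esac
```

Run it without arguments to review the generated commands, and with --apply (as root, from the console or a LAN host covered by the management rule) to load them.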


  2. #2
    Lazydog (Linux Guru, joined Jun 2004, The Keystone State):
    You might want to read the following Tutorial.


