  1. #1
    Just Joined!
    Join Date
    May 2013
    Posts
    2

    Question Iptables in linux


    Hi,

    I am working on a Fedora 18 virtual machine. I want to try some iptables rules.

    I have no experience testing the rules from an outside computer.

    For more clarification, I have created two virtual machines, one for applying the rules and the other to check that the rules work as a local computer.

    But how can I check the rules as an outside computer?

  2. #2
    Linux Newbie
    Join Date
    Jan 2013
    Posts
    116
    What rules have you set on iptables, like drop or reject traffic from some IP? If yes, then assign that to the other machine and try to access the computer where you have applied the rules.

  3. #3
    Just Joined!
    Join Date
    May 2013
    Posts
    2
    Quote: Originally posted by NixSavy
    What rules have you set on iptables, like drop or reject traffic from some IP? If yes, then assign that to the other machine and try to access the computer where you have applied the rules.

    It sounds like that. For example, if I want to reject traffic from all external machines without specifying a certain machine.

    I think I don't need to specify the destination/source in that case, am I right?

  4. #4
    Linux Newbie
    Join Date
    Jan 2013
    Posts
    116
    Yes, you can do it with iptables. You can reject all traffic for your server, or for a particular port. For this you can also use TCP Wrappers to block all for any service like sshd, ftp etc.

    Code:
    iptables -I INPUT -p tcp --dport 80 -j DROP    # or use -j REJECT instead of -j DROP

    It will drop all traffic for port 80.
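
To check a rule like the one above from the second virtual machine, as the original question asks, the probe below tells DROP (no answer until the timeout) apart from REJECT (immediate refusal). It is an added example and not part of the thread; the names `classify` and `probe` and the 3-second timeout are assumptions chosen here.

```python
#!/usr/bin/env python3
"""Probe TCP ports from the second VM and report how the firewall answered."""
import errno
import socket
import sys


def classify(exc):
    """Map the outcome of one TCP connect attempt to a verdict.

    exc is None when the connection succeeded, otherwise the exception raised.
    """
    if exc is None:
        return "open"         # handshake completed: the packet was accepted
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "dropped"      # silence: consistent with -j DROP (or the host is down)
    if isinstance(exc, ConnectionRefusedError):
        return "rejected"     # fast refusal: -j REJECT, or simply no listener on the port
    if isinstance(exc, OSError) and exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "unreachable"  # routing problem, or REJECT --reject-with icmp-host-unreachable
    return "error"


def probe(host, port, timeout=3.0, connect=socket.create_connection):
    """Try one TCP connection; `connect` is injectable so the logic can be checked offline."""
    try:
        conn = connect((host, port), timeout)
    except OSError as exc:
        return classify(exc)
    conn.close()
    return classify(None)


if __name__ == "__main__":
    if len(sys.argv) < 3:
        print("usage: probe.py <firewalled-vm-ip> <port> [<port> ...]")
    else:
        target = sys.argv[1]
        for port in (int(p) for p in sys.argv[2:]):
            print(f"{target}:{port} -> {probe(target, port)}")
```

A "rejected" result on a port with no service running looks the same with or without a firewall rule, so start a listener on the firewalled machine before testing a REJECT rule.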

  5. #5
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    First thing you want to do with any firewall rules is set the policy.

    Code:
    iptables -P INPUT DROP
    iptables -P OUTPUT DROP
    iptables -P FORWARD DROP
    Now everything will be dropped and you can start off by opening what you want to allow in.
    I would also suggest that you use STATEFUL firewall rules as it makes things a lot easier.
    Here is a link to an IPTABLES Tutorial you can read.

    Regards
    Robert


  6. #6
    Linux Newbie nplusplus's Avatar
    Join Date
    Apr 2010
    Location
    Charlotte, NC, USA
    Posts
    106
    Good link, Lazydog! Thanks!

    N
