Re: [tlug] Arcane command-line (Was: epcEditor)

["Scott Robbins" <scottro@example.com>]

----- Original Message -----
From: "Scott McLennan" <scottmclennan@example.com>
To: <tlug@example.com>
Sent: Wednesday, March 27, 2002 9:15 AM
Subject: [despammed] Re: [tlug] Arcane command-line (Was: epcEditor)
\

> I dont believe you can just type in rules off the console and have
> them work. Im not sure though. Was hoping there would be an
> ipchains expert out there somewhere.

Yes, you can.  Using RH 7.2 as an example, you use the
-I for insert--if, for example, you wanted to allow ssh connections, when
your default firewall blocked them.

First
ipchains -L -n --line-number
This will show your current ipchains (I've been using iptables for many
months now, so if I make an error in syntax, someone please correct it)  It
will include the line number of each rule.  A typical RH one will show that
your first reject is around rule 6 or so.
So, then you'd go
ipchains -I input 6 -s 0/0 -p tcp --y -d 0/0 22  -j ACCEPT
This inserts the rule that will allow SSH connections at line 6, above the
first rejection, which I think is all well-known ports.

You might have to do /etc/rc.d/init.d/ipchains --restart though I don't
think so (I'm in Windows right now, so can't check it.)
HTH
another Scott (Robbins)