Mailing List Archive


Re: [tlug] Ipchains/Iptables



Hey Scott.
(what a great name!)

That's good. Thanks a lot. When you run iptables, do you
need this thing called netfilter? Can you run iptables by
calling it from within /etc/rc.d/rc.local just as you do with
ipchains?

For iptables what do you think of these:
http://www.linuxguruz.org/iptables/scripts/rc.firewall_023.txt
http://www.sjdjweis.com/linux/proxyarp/rc.firewall.txt

Thanks a lot Scott!

Ozzie Scott


>
> > I don't believe you can just type in rules off the console and have
> > them work. I'm not sure though. Was hoping there would be an
> > ipchains expert out there somewhere.
>
> Yes, you can.  Using RH 7.2 as an example, you use the
> -I for insert--if, for example, you wanted to allow ssh connections, when
> your default firewall blocked them.
>
> First
> ipchains -L -n --line-number
> This will show your current ipchains (I've been using iptables for many
> months now, so if I make an error in syntax, someone please correct it).
> It will include the line number of each rule.  A typical RH one will show
> that your first reject is around rule 6 or so.
> So, then you'd go
> ipchains -I input 6 -s 0/0 -p tcp -y -d 0/0 22 -j ACCEPT
> This inserts the rule that will allow SSH connections at line 6, above the
> first rejection, which I think is all well-known ports.
>
> You might have to do /etc/rc.d/init.d/ipchains --restart though I don't
> think so (I'm in Windows right now, so can't check it.)
> HTH
> another Scott (Robbins)
>
>
>
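
Added example, not part of the original thread: the quoted procedure (list the rules with line numbers, find the first reject, insert the SSH rule above it) with the rule number read from the listing instead of guessed. The function names and the sample listing are constructed for illustration; the script parses the sample text and only prints the insert command, it does not call ipchains.

```shell
#!/bin/sh
# first_block_rule CHAIN
# Reads an `ipchains -L -n --line-number` style listing on stdin and prints
# the number of the first REJECT/DENY/DROP rule in CHAIN. Returns non-zero
# when the chain has no blocking rule. The chain name is matched
# case-insensitively, so an iptables listing ("Chain INPUT ...") also works.
first_block_rule() {
    awk -v chain="$1" '
        $1 == "Chain" { in_chain = (tolower($2) == tolower(chain)); next }
        in_chain && $1 ~ /^[0-9]+$/ && $2 ~ /^(REJECT|DENY|DROP)$/ {
            print $1; found = 1; exit
        }
        END { exit !found }
    '
}

# ssh_insert_cmd
# Prints (does not run) the ipchains command that inserts an ACCEPT for new
# SSH connections at the position of the first blocking rule, which pushes
# that rule and everything after it down by one.
ssh_insert_cmd() {
    n=$(first_block_rule input) || {
        echo "no blocking rule in the input chain; nothing to insert above" >&2
        return 1
    }
    echo "ipchains -I input $n -s 0/0 -p tcp -y -d 0/0 22 -j ACCEPT"
}

# Constructed sample listing (not captured from a real host).
sample_listing() {
cat <<'EOF'
Chain input (policy ACCEPT):
num  target     prot opt     source                destination           ports
1    ACCEPT     udp  ------  192.0.2.53            0.0.0.0/0             53 ->   1025:65535
2    ACCEPT     all  ------  0.0.0.0/0             0.0.0.0/0             n/a
3    REJECT     tcp  -y----  0.0.0.0/0             0.0.0.0/0             * ->   0:1023
4    REJECT     udp  ------  0.0.0.0/0             0.0.0.0/0             * ->   0:1023
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
EOF
}

sample_listing | ssh_insert_cmd
```

On a live system the listing would come from `ipchains -L -n --line-number` piped into `ssh_insert_cmd`; review the printed command before running it as root.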

