
redhat-list@redhat.com, 20 September 2009, 3:21AM -0400

RE: Exact syntax and examples for iptables
by Bristol, Gary L.


To set up iptables so that it is running, you issue the following command:

chkconfig iptables on

Then do a: service iptables start

When you do a: service iptables status

You should get a display similar to the following, depending on the other rules you have.

Table: filter
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0          

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0          

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination        
DROP       all  --  10.5.5.25            0.0.0.0/0      
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:123
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

If you want to check the iptables rule listing, you can issue the iptables -L -n command for a printout of the current rules.

If you want to make sure to save your current setup:

Do a: cd /etc/sysconfig

iptables-save > iptables

If you want to manually enter new rules in the iptables file in the directory, you can, and if you do and want to apply them to the active setup,
you would execute the following command when in the /etc/sysconfig directory: iptables-restore < iptables

    

Message: 4
Date: Thu, 17 Sep 2009 22:35:07 -0400
From: "Aaron Bliss" <abliss@broc...>
Subject: RE: Exact syntax and examples for iptables
To: "'General Red Hat Linux discussion list'" <redhat-list@redh...>
Message-ID: <000001ca3808$a2f54fc0$e8dfef40$@edu>
Content-Type: text/plain; charset="us-ascii"

Assuming that you already have iptables running

/sbin/iptables -I RH-Firewall-1-INPUT -s 10.5.5.25 -j DROP
/sbin/service iptables save

Hi Aaron,

iptables is not running as the previous sysadmin hardened the server.

How do I turn it on?


So I issue the two commands you gave on both cluster nodes & it will
stop the Windows server from accessing on both nodes as well as the
cluster virtual IP address?

What's the command to reverse back? In case there's a problem, I'll
need to fall back.



--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redh...?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
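
The thread inserts the DROP with -I so that it lands at the top of RH-Firewall-1-INPUT, ahead of the ACCEPT rules and the final REJECT, since iptables stops at the first matching rule. The following is an added example, not part of the original messages: it reads an `iptables -L -n` style listing and reports whether the DROP for a source address comes before every other terminating rule in the chain. The function names and the shortened sample listings are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: shortened copy of the listing quoted in the thread.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
DROP       all  --  10.5.5.25            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
EOF
}

# Constructed sample: the same chain as it would look if the DROP had been
# appended to the end of the chain instead of inserted at the top.
sample_appended() {
    sample_listing | grep -v '^DROP'
    echo 'DROP       all  --  10.5.5.25            0.0.0.0/0'
}

# drop_position CHAIN SOURCE   (listing on stdin)
# Prints "first"   if the DROP for SOURCE precedes every ACCEPT/REJECT in CHAIN,
#        "after:N" if N ACCEPT/REJECT rules come before it (they may match first),
#        "missing" if CHAIN has no DROP for SOURCE.
# Exit status: 0, 1 and 2 respectively.
drop_position() {
    awk -v chain="$1" -v src="$2" '
        $1 == "Chain" { in_chain = ($2 == chain); next }
        !in_chain || NF < 5 || $1 == "target" { next }
        $1 == "DROP" && $4 == src { found = 1; exit }
        $1 == "ACCEPT" || $1 == "REJECT" { ahead++ }
        END {
            if (!found)    { print "missing"; exit 2 }
            if (ahead > 0) { print "after:" ahead; exit 1 }
            print "first"
        }'
}

# Demo on the constructed samples.
sample_listing  | drop_position RH-Firewall-1-INPUT 10.5.5.25
sample_appended | drop_position RH-Firewall-1-INPUT 10.5.5.25 || true
```

On a live host the input would be `iptables -L -n | drop_position RH-Firewall-1-INPUT 10.5.5.25`. The rule from the thread can be removed again with `/sbin/iptables -D RH-Firewall-1-INPUT -s 10.5.5.25 -j DROP`, followed by `/sbin/service iptables save`.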
