Fedora Linux Support Community & Resources Center

Home Forums Posting Rules Linux Help Fedora Set-Up Guides Ask Fedora Fedora Project
Go Back   FedoraForum.org > Fedora 17/18 > Security and Privacy
Reload this Page iptable troubles
FedoraForum Search
Forgot Password? Join Us!
Register All Albums FAQ Search Today's Posts Mark Forums Read

Security and Privacy Sadly, malware, spyware, hackers and privacy threats abound in today's world. Let's be paranoid and secure our penguins, and slam the doors on privacy exploits.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 14th April 2006, 07:47 AM
collapse Offline
Registered User
  
Join Date: Feb 2006
Posts: 5
iptable troubles
I am kinda new to linux, and after creating a rule in my iptables for azureus ( /sbin/iptables -I INPUT -p tcp --destination-port 6881:6999 -j ACCEPT ) i decided i dont want to use azureus anymore. So i was trying to get that rule out of there and i flushed them all. (looked at the manpage and i guess i thought it would be a good idea =/) is there anywhere to find all the rules that used to be there, or will they come back, or should i not worry about it, or like...what.

-thank you for all the help =]
Reply With Quote
  #2  
Old 14th April 2006, 08:44 AM
Zigzagcom Offline
Registered User
  
Join Date: Feb 2005
Location: CALIFORNIA, yeah
Age: 86
Posts: 1,657
I'm not 100% sure, but below should be the default iptables file with ssh enabled. It should work for starters. If you still have the file in /etc/sysconfig, you could try as root:
Code:
iptables-restore < /etc/sysconfig/iptables
otherwise copy the code below (as root) and save it as 'iptables' in /etc/sysconfig and run the above command. Also check that iptables is running as a service. The file permissions should be "owner root / group root 600 (-rw------)".

/etc/sysconfig/iptables
Code:
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
__________________
Ziggy
Last edited by Zigzagcom; 14th April 2006 at 04:31 PM.
Reply With Quote
  #3  
Old 14th April 2006, 09:23 AM
collapse Offline
Registered User
  
Join Date: Feb 2006
Posts: 5
Thank you so very much!
Oh btw all that firewall info is right, and the command was "iptables-restore < /etc/sysconfig/iptables"
I finally figured out it needed the dash becuase i saw the binary itsself, haha.
thanks man =]
(not sure if SSH is running in that config or not though, im not running it and they matched exactly...(or mabye i am and i dont know it ^_^)
Reply With Quote
  #4  
Old 14th April 2006, 04:25 PM
Zigzagcom Offline
Registered User
  
Join Date: Feb 2005
Location: CALIFORNIA, yeah
Age: 86
Posts: 1,657
Oops, yeah it was late last night, just before bedtime...sorry about the goose-chase
You could have a ssh firewall rule, but if the sshd service is not running it just sits there idle.
__________________
Ziggy
Last edited by Zigzagcom; 14th April 2006 at 04:29 PM.
Reply With Quote
  #5  
Old 14th April 2006, 07:54 PM
Zigzagcom Offline
Registered User
  
Join Date: Feb 2005
Location: CALIFORNIA, yeah
Age: 86
Posts: 1,657
If you want to delete a rule in iptables, a good place to start is:
Code:
iptables -L --line-numbers
...output of the above command:
Code:
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere
2    ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
3    ACCEPT     ipv6-crypt--  anywhere             anywhere
4    ACCEPT     ipv6-auth--  anywhere             anywhere
5    ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
6    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
7    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
8    ACCEPT     all  --  192.168.1.0/24       anywhere
9    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
10   ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ndmp
11   REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
The first column will list the line numbers for all the rules. You can then use the command:
Code:
[root@server ~]# iptables -D RH-Firewall-1-INPUT 5
where the syntax is "--delete -D chain rule-number". The above code would delete rule number 5 from the RH-Firewall-1-INPUT chain. Keep in mind, that you have only removed the rule from memory, so to make that rule deletion permanent, you have to save the set of rules from memory to /etc/sysconfig/iptables with the following command. Always make a backup of the iptables file, before you muck up the rules:
Code:
iptables-save > /etc/sysconfig/iptables
or
Code:
service iptables save
I think what confuses many people is the way RedHat and Fedora set up the firewall. The built-in chain "INPUT" in the "filter" table, has a policy of "ACCEPT", but then jumps to a user defined chain, "RH-Firewall-1-INPUT", which in turn has the "REJECT" target in the last rule. Anyway, most of the rules live in the RH-Firewall-1-INPUT chain, (default at least), but IPtables tutorials don't reference this particular facet often, if at all.
Code:
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain RH-Firewall-1-INPUT (2 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere
~
~
~
11   REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
__________________
Ziggy
Last edited by Zigzagcom; 14th April 2006 at 08:00 PM.
Reply With Quote
Reply

Tags
iptable, troubles

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
iptable manojg Security and Privacy 1 28th August 2009 09:21 PM
IPtable & NoListen Yeti_A Security and Privacy 2 16th August 2007 05:03 PM


Current GMT-time: 06:05 (Saturday, 25-05-2013)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.
Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

 FedoraForum is Powered by RedHat