Re: Basic IPTables Question
From: Roy W. Erickson (erickson_at_pixelmagicfx.com)
Date: 08/31/04
To: For users of Fedora Core releases <fedora-list@redhat.com>
Date: Mon, 30 Aug 2004 16:48:32 -0700
FYI: http://easyfwgen.morizot.net might give you some ideas..
On Mon, 2004-08-30 at 16:08, Aly Dharshi wrote:
> Hi Folks,
>
> I am new to the world of IPTables and I have rules such as:
>
> iptables -A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state ESTABLISHED -j ACCEPT
> iptables -A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state ESTABLISHED -j LOG --log-prefix "IPTABLES TCP-IN" --log-level 1
>
> Where can I see these logs, I assumed that they would be in /var/log/messages
> but nothing shows.
>
> Secondly on this same box that is running this firewall I have a mail server
> that just sends mail out, if I try to send a message from the box to the local
> smtpd on the box it just sits there, these are all my rules:
>
> -A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state ESTABLISHED -j ACCEPT
> -A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state ESTABLISHED -j LOG --log-prefix "IPTABLES TCP-IN" --log-level 1
> -A INPUT -d 161.184.244.187 -i eth0 -p udp -m state --state ESTABLISHED -j ACCEPT
> -A INPUT -d 161.184.244.187 -i eth0 -p udp -m state --state ESTABLISHED -j LOG --log-prefix "IPTABLES UDP-IN" --log-level 1
> -A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
> -A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j LOG --log-prefix "IPTABLES SSH-IN" --log-level 1
> -A OUTPUT -s 161.184.244.187 -o eth0 -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
> -A OUTPUT -s 161.184.244.187 -o eth0 -p tcp -m state --state NEW,ESTABLISHED -j LOG --log-prefix "IPTABLES TCP-OUT" --log-level 1
> -A OUTPUT -s 161.184.244.187 -o eth0 -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
> -A OUTPUT -s 161.184.244.187 -o eth0 -p udp -m state --state NEW,ESTABLISHED -j LOG --log-prefix "IPTABLES UDP-OUT" --log-level 1
>
> What am I doing wrong, should I have a rule to allow incoming 25 on tcp, as I
> have listed the full hostname in the mail settings.
>
> Cheers,
>
> Aly.
>
>
> --
> Aly Dharshi
> aly.dharshi@telus.net
>
> "A good speech is like a good dress
> that's short enough to be interesting
> and long enough to cover the subject"
--
Roy W. Erickson
Senior Systems Engineer
Pixel Magic Effects
10635 Riverside Dr
N. Hollywood, CA 91602
818.760.0862
erickson@pixelmagicfx.com
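
An added example, not part of either message and not code from the list: a small Python check over the quoted INPUT rules that reports each LOG rule placed after an ACCEPT with the identical match (iptables stops traversing a chain at ACCEPT, while LOG is non-terminating, so a LOG placed second never fires) and whether any INPUT rule can match loopback traffic. The function names are hypothetical, the rule text is retyped from the quote, and whether the missing `lo` rule matters depends on the chain policy, which the message does not show.

```python
import shlex

# Constructed sample: the TCP INPUT rules quoted in the message above,
# retyped with the e-mail line wrapping undone.
RULES = """\
-A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state ESTABLISHED -j ACCEPT
-A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state ESTABLISHED -j LOG --log-prefix "IPTABLES TCP-IN" --log-level 1
-A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -d 161.184.244.187 -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j LOG --log-prefix "IPTABLES SSH-IN" --log-level 1
"""

TERMINATING = {"ACCEPT", "DROP", "REJECT"}  # targets that end chain traversal


def parse(line):
    """Split one '-A CHAIN <match> -j TARGET ...' rule into its parts."""
    tok = shlex.split(line)
    j = tok.index("-j")
    return tok[1], tuple(tok[2:j]), tok[j + 1]


def shadowed_logs(text):
    """Return (log_line, earlier_line) pairs where a LOG rule follows a
    terminating rule with the identical match in the same chain."""
    seen, hits = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.startswith("-A "):
            continue
        chain, match, target = parse(line)
        if target in TERMINATING:
            seen.setdefault((chain, match), n)
        elif target == "LOG" and (chain, match) in seen:
            hits.append((n, seen[(chain, match)]))
    return hits


def covers_loopback(text, chain="INPUT"):
    """True if some rule in the chain has no -i match or names -i lo."""
    for line in text.splitlines():
        if line.startswith("-A "):
            c, match, _ = parse(line)
            if c == chain and ("-i" not in match
                               or match[match.index("-i") + 1] == "lo"):
                return True
    return False


if __name__ == "__main__":
    for log_line, first in shadowed_logs(RULES):
        print(f"rule {log_line}: LOG never reached, rule {first} matches first")
    print("INPUT rule that can match lo:", covers_loopback(RULES))
```

Only exact-match shadowing is detected; a broader earlier rule that is a superset of the LOG rule's match is outside what this check covers.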