> How to configure iptables?, A newbie needs help
rij
post Apr 24 2009, 01:03 PM
Post #1





Hello folks,

I am having a problem understanding and configuring iptables and I was hoping someone would help me out.

I have 2 machines: A with ip 10.10.X.X and B with ip 10.10.X.X

I am running a simple UDP server on A and a simple UDP client on B. However, nothing was being sent from B to A. From reading online, I understood that iptables is probably creating a problem.
So as a first check, I stopped the service by typing: service iptables stop
My client server app then ran just fine.

So now, instead of completely dropping the iptable, I wanted to add some rules to it so that all communication between all machines in this network (only) is accepted.

Initially, I added the following to the input and output chain of both machines.
iptables -A INPUT -j ACCEPT -p all -s 10.10.20.0/24 -i eth0
iptables -A OUTPUT -j ACCEPT -p all -s 10.10.20.0/24 -i eth0

My C/S app did not work.

So I searched on this forum and I noticed a previous discussion where it was suggested that the rule might have been added to the wrong chain and instead FORWARD might be the correct one.

So I restarted my iptables (as I believe that starts the original script and discards any change that I might have made from the command line -- Please correct me if I am wrong).
Then I added:
iptables -A FORWARD -j ACCEPT -p all -s 10.10.20.0/24 -i eth0

Still it doesn't work.

I have included the two tables as shown by: service iptables status.

Please, provide some insight.

=================================================================
after adding FORWARD

Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
2 ACCEPT all -- 10.10.20.0/24 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
3 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
8 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
10 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

=================================================================
This is the original:

Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
3 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
8 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
10 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
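
The listing above can be walked rule by rule to see where a datagram from the client ends up. The following is an added example, not part of the original post: it models first-match traversal over the posted INPUT and RH-Firewall-1-INPUT chains. The packet addresses, UDP port 5000, and the loopback binding of rule 1 are assumptions.

```python
import ipaddress

def matches(rule, pkt):
    """A rule matches when every condition it sets agrees with the packet."""
    for key in ("iface", "proto", "dport", "dst", "state"):
        if key in rule and rule[key] != pkt.get(key):
            return False
    if "src" in rule:
        return ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule["src"])
    return True

def verdict(chains, name, pkt):
    """First terminating match wins; None means the chain ran out of rules."""
    for rule in chains[name]:
        if not matches(rule, pkt):
            continue
        if rule["target"] not in chains:
            return rule["target"]                      # ACCEPT / REJECT ends traversal
        result = verdict(chains, rule["target"], pkt)  # jump to user-defined chain
        if result:
            return result
    return None

# RH-Firewall-1-INPUT from the post; rule 1 assumed bound to -i lo (hidden in the listing).
RH = [
    {"iface": "lo", "target": "ACCEPT"},
    {"proto": "icmp", "target": "ACCEPT"},
    {"proto": "esp", "target": "ACCEPT"},
    {"proto": "ah", "target": "ACCEPT"},
    {"proto": "udp", "dst": "224.0.0.251", "dport": 5353, "target": "ACCEPT"},
    {"proto": "udp", "dport": 631, "target": "ACCEPT"},
    {"proto": "tcp", "dport": 631, "target": "ACCEPT"},
    {"state": "ESTABLISHED", "target": "ACCEPT"},  # RELATED,ESTABLISHED, simplified
    {"proto": "tcp", "dport": 22, "state": "NEW", "target": "ACCEPT"},
    {"target": "REJECT"},
]
JUMP = {"target": "RH-Firewall-1-INPUT"}
LAN = {"src": "10.10.20.0/24", "iface": "eth0", "target": "ACCEPT"}  # rule from the post

def input_verdict(input_chain, pkt):
    chains = {"INPUT": input_chain, "RH-Firewall-1-INPUT": RH}
    return verdict(chains, "INPUT", pkt) or "ACCEPT"   # INPUT policy is ACCEPT

# Constructed packet: first datagram from the UDP client (addresses and port assumed).
PKT = {"src": "10.10.20.5", "dst": "10.10.20.6", "iface": "eth0",
       "proto": "udp", "dport": 5000, "state": "NEW"}

if __name__ == "__main__":
    print("appended after the jump (-A):", input_verdict([JUMP, LAN], PKT))
    print("inserted before the jump (-I):", input_verdict([LAN, JUMP], PKT))
```

Packets addressed to the host itself traverse INPUT, not FORWARD, so in this model only the position of the subnet rule relative to the jump into RH-Firewall-1-INPUT changes the result.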