[ale] iptables rules

scott mcbrien smcbrien at gmail.com
Sat Oct 10 11:48:51 EDT 2009


Paul,
What is the default policy on the INPUT chain set to?  I also notice that
you don't have any ESTABLISHED,RELATED rules to accept packets returning
from outbound connections.  If your default policy is DROP, that would
explain the behavior.

That said, it's difficult to troubleshoot iptables rules without seeing ALL
the rules.  Looking at this subset of rules may have people point you in the
wrong direction.

-Scott

On Sat, Oct 10, 2009 at 11:14 AM, Paul Cartwright <ale at pcartwright.com> wrote:

> I was on my wife's laptop, surfing the internet, and I tried (and failed)
> to ssh to our Debian desktop. Then I remembered my IPtables script I run. So I
> ran the script, and was then able to ssh into my desktop. The problem is
> (I think) now I cannot surf the internet, though the connection is up. Would
> this script have anything to do with it?:
>
> iptables -I INPUT -p tcp -m state --state NEW --dport 80 -i eth0 -j ACCEPT
> iptables -I INPUT -p tcp -m state --state NEW --dport 22 -i eth0 -j ACCEPT
> /sbin/iptables -N ssh-connection
> /sbin/iptables -A ssh-connection -i eth0 -p tcp --dport 22 -m recent --update --seconds 600 --hitcount 4 --rttl --name SSH -j LOG --log-prefix "SSH_brute_force "
> /sbin/iptables -A ssh-connection -i eth0 -p tcp --dport 22 -m recent --update --seconds 600 --hitcount 4 --rttl --name SSH -j DROP
> /sbin/iptables -A ssh-connection -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH -j ACCEPT
>
>
> Nothing else changed, so if this isn't what is wrong, I am clueless. If it
> IS the culprit, what did I do wrong, and what can I do to fix it?
>
> --
> Paul Cartwright
> Registered Linux user # 367800
> Registered Ubuntu User #12459
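The check Scott describes (a DROP policy on INPUT with no rule accepting ESTABLISHED,RELATED packets) can be automated against `iptables-save` output. The script below is an added example, not code from either poster: `audit_input_policy` flags that condition, and `fixed_ruleset` reworks Paul's rules in `iptables-restore` format with the missing return-traffic rule added, assuming eth0 is the Internet-facing interface.

```sh
#!/bin/sh
# Added example (not part of the thread). Assumes iptables-save format on
# stdin and eth0 as the external interface.
#
# audit_input_policy: exit 1 when the INPUT policy is DROP but no INPUT
# rule accepts ESTABLISHED,RELATED (or conntrack ctstate) packets, the
# configuration Scott suspects breaks Paul's outbound browsing.
audit_input_policy() {
    awk '
        /^:INPUT / { policy = $2 }
        /^-A INPUT / && /ESTABLISHED/ && /RELATED/ && /-j ACCEPT/ { has_return = 1 }
        END {
            if (policy == "DROP" && !has_return) {
                print "INPUT policy DROP with no ESTABLISHED,RELATED accept: replies to outbound connections are dropped"
                exit 1
            }
            print "INPUT policy " policy ": return traffic is handled"
        }'
}

# fixed_ruleset: Paul's rules with the return-traffic rule added near the top,
# and port-22 NEW packets sent through ssh-connection so the rate-limit chain
# actually sees them (in the posted script INPUT accepts them before the chain).
fixed_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:ssh-connection - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW --dport 22 -j ssh-connection
-A ssh-connection -m recent --update --seconds 600 --hitcount 4 --rttl --name SSH -j LOG --log-prefix "SSH_brute_force "
-A ssh-connection -m recent --update --seconds 600 --hitcount 4 --rttl --name SSH -j DROP
-A ssh-connection -m recent --set --name SSH -j ACCEPT
COMMIT
EOF
}

# Constructed sample of the suspected bad state: DROP policy, no return rule.
broken_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -p tcp -m state --state NEW --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW --dport 80 -j ACCEPT
COMMIT
EOF
}
```

On a live host run `sudo iptables-save | audit_input_policy` to test the real ruleset, and `fixed_ruleset | sudo iptables-restore` to load the corrected one after reviewing it.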

