Page 4 of 7 (results 31 to 40 of 69)

Thread: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

  1. #31
    Join Date
    Aug 2007
    Beans
    68

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    Quote Originally Posted by xinix View Post
    Code:
    iptables -A INPUT --mac-source xx:xx:xx:xx:xx:xx -j ACCEPT
    I get this error: iptables v1.3.8: Unknown arg `--mac-source'

    Any suggestions on how I can do this?

    Thanks
    Try something like:
    Code:
    iptables -A INPUT -m mac --mac-source xx:xx:xx:xx:xx:xx -j ACCEPT

  2. #32
    Join Date
    Aug 2007
    Beans
    68

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    Thanks for these 2 guides I now have set up in/out filtering and logging...

    So, now how do I figure out which software is actually using/sending/listening to a specific port? E.g. I periodically have outgoing packets on port 10694 to various IPs; how do I figure out which software is responsible for doing this? Would be quite helpful in determining what traffic to allow.

  3. #33
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,585
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    Firewalls do not filter by application. Possibly netstat may help you.

  4. #34
    Join Date
    Aug 2007
    Beans
    68

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    Ahh, netstat -tunap seems to do exactly what I was looking for.
    Thanks
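    Added example (not code from the thread): a small parser for the `netstat -tunap` output that the previous two posts settle on, so a port number can be mapped to the PID and program name that owns the socket. The sample output below is constructed, not captured from anyone's machine; the "-" in the PID column is what netstat prints for sockets owned by another user when it is not run as root, so run it with sudo to see every process.

```python
"""Map a port to the owning process from `netstat -tunap` output.

Added example for the netstat tip in this thread; the sample output is
constructed for illustration.
"""

# Constructed sample of `netstat -tunap` output (columns as netstat prints them).
SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 192.168.0.5:10694       203.0.113.7:443         ESTABLISHED 2034/example-client
udp        0      0 0.0.0.0:68              0.0.0.0:*                           701/dhclient
tcp6       0      0 :::80                   :::*                    LISTEN      -
"""


def _port(addr):
    """Return the port of 'host:port' as an int, or None for the wildcard '*'."""
    port = addr.rsplit(":", 1)[1]
    return None if port == "*" else int(port)


def parse_netstat(text):
    """Parse netstat -tunap lines into dicts; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or not parts[0].startswith(("tcp", "udp")):
            continue
        proto, local, foreign = parts[0], parts[3], parts[4]
        # UDP lines have no State column, so read PID/Program from the last field.
        pidprog = parts[-1]
        pid, prog = None, None
        if pidprog != "-":
            pid_s, prog = pidprog.split("/", 1)
            pid = int(pid_s)
        rows.append({
            "proto": proto,
            "local_port": _port(local),
            "remote": foreign,
            "remote_port": _port(foreign),
            "pid": pid,
            "program": prog,
        })
    return rows


def who_uses_port(text, port):
    """Sockets whose local or remote port equals `port`."""
    return [r for r in parse_netstat(text)
            if port in (r["local_port"], r["remote_port"])]


if __name__ == "__main__":
    for row in who_uses_port(SAMPLE, 10694):
        print(row["proto"], row["remote"], row["pid"], row["program"])
```

    Feed it real output with `parse_netstat(subprocess.check_output(["netstat", "-tunap"], text=True))`; the same approach works on `ss -tunap`, only the column layout differs.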

  5. #35
    Join Date
    May 2006
    Beans
    164

    Question Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    Code:
    iptables -A FIREWALL -j TRUSTED     # Send all package to the TRUSTED chain
    iptables -A FIREWALL -j DROP        # DROP all other packets
    As far as I understand it, the second line, dropping all packets from the FIREWALL chain, is never reached, because you send all packets to the TRUSTED chain before that. So there is no dropping of any other packets, because that rule is never reached by any packet.

    Or am I wrong with this assumption (I'm just starting with iptables knowledge)?

  6. #36
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    Packets are sent to the TRUSTED chain where they have a chance to get allowed; then they are DROPPED at the end of the FIREWALL chain.

    So you are a bit wrong with your assumption, thinking that the DROP line is never reached. You can see this TRUSTED chain as a function or an include in a standard programming language.
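    Added example (not code from the thread or from frodon's script): a toy model of how iptables walks chains, written to make the explanation above concrete. Rules are tried in order and the first match wins; `-j` to a user-defined chain behaves like a function call, and when that chain runs out of rules without a verdict (or hits `RETURN`) the packet comes back to the next rule of the calling chain, which is why the DROP at the end of FIREWALL is reached. The chain layout and packets below are constructed for illustration.

```python
"""Toy model of iptables chain traversal (added example, not from the thread).

Models: first-match-wins ordering, -j CHAIN as a call, implicit return at
the end of a user-defined chain, explicit RETURN, and the built-in chain's
policy applying when nothing matched.
"""
from dataclasses import dataclass, field

TERMINAL = {"ACCEPT", "DROP", "REJECT"}


@dataclass
class Rule:
    target: str                               # ACCEPT, DROP, RETURN or a chain name
    match: dict = field(default_factory=dict)  # e.g. {"src": "192.168.0.10"}

    def matches(self, pkt):
        return all(pkt.get(k) == v for k, v in self.match.items())


def traverse(chains, chain, pkt, trace=None, depth=0):
    """Walk `chain`; return (verdict, trace). verdict is None if the chain
    ended without a terminal target (implicit return) or hit RETURN."""
    if trace is None:
        trace = []
    if depth > 32:
        raise RecursionError("chain loop")
    for rule in chains[chain]:
        if not rule.matches(pkt):
            continue
        trace.append(f"{chain}:{rule.target}")
        if rule.target in TERMINAL:
            return rule.target, trace
        if rule.target == "RETURN":
            return None, trace
        # Jump into a user-defined chain; if it yields no verdict, carry on
        # with the next rule of this chain.
        verdict, trace = traverse(chains, rule.target, pkt, trace, depth + 1)
        if verdict is not None:
            return verdict, trace
    return None, trace


def decide(chains, pkt, policy="ACCEPT"):
    """Verdict for a packet entering INPUT, falling back to the chain policy."""
    verdict, trace = traverse(chains, "INPUT", pkt)
    return (verdict or policy), trace


# Constructed rule set mirroring the FIREWALL -> TRUSTED -> DROP layout.
CHAINS = {
    "INPUT": [Rule("FIREWALL")],
    "FIREWALL": [Rule("TRUSTED"), Rule("DROP")],
    "TRUSTED": [
        Rule("RETURN", {"src": "192.168.0.66"}),   # explicit return, back to FIREWALL
        Rule("ACCEPT", {"src": "192.168.0.10"}),
        Rule("ACCEPT", {"dport": 22}),
    ],
}

# Same chains but with DROP first: nothing ever reaches TRUSTED.
CHAINS_DROP_FIRST = {
    "INPUT": [Rule("FIREWALL")],
    "FIREWALL": [Rule("DROP"), Rule("TRUSTED")],
    "TRUSTED": CHAINS["TRUSTED"],
}

if __name__ == "__main__":
    for pkt in ({"src": "192.168.0.10", "dport": 80}, {"src": "10.0.0.1", "dport": 80}):
        print(pkt, *decide(CHAINS, pkt))
```

    The trace lists only the rules that matched, so you can see the packet leave TRUSTED and land on `FIREWALL:DROP`; swapping the two FIREWALL rules (`CHAINS_DROP_FIRST`) shows the ordering mistake the original question worried about, in the other direction.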

  7. #37
    Join Date
    May 2006
    Beans
    164

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    Oh, I see. Thanks for clarifying, because I indeed was totally wrong, which would have caused a major headache when playing around with my own iptables script.

    Somehow I was of the opinion that once sent to a user-defined chain, it would never come back to the parent chain (I must have been confused by some examples working with the -j RETURN target).

    Now I can also see the advantage of using your structure with the FIREWALL and TRUSTED user-defined chains.

  8. #38
    Join Date
    Mar 2009
    Location
    indonesia
    Beans
    12
    Distro
    Ubuntu 8.10 Intrepid Ibex

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    Hi all,

    I just started learning iptables and I've found this article very useful!
    Thanks, frodon!

    However, I still don't quite understand how the chain works.
    When I write some iptables rules, which rule would be applied first?
    Is it the first written? Or..?

    I hope someone can depict this for me, please.


    At the moment I am trying to set up a gateway (Internet Connection Sharing) on an Ubuntu box:

    [internet]<--->[eth1::gateway::eth0]<--->[clients]

    I would like to know how I integrate frodon's firewall script into the ICS script.
    So far, this is my script (I found this script at https://help.ubuntu.com/community/In...way%20set%20up):

    Code:
    iptables -A FORWARD -i eth1 -o eth0 -s 192.168.0.0/24 -m state --state NEW -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A POSTROUTING -t nat -j MASQUERADE
    I wonder if I add the FIREWALL script, then change the word 'ACCEPT' above to the word 'FIREWALL',

    e.g.
    Code:
    ..
    iptables -A FORWARD -i eth1 -o eth0 -s 192.168.0.0/24 -m state --state NEW -j FIREWALL
    ..
    will the firewall script also work for the clients?
    If it won't, how should I accomplish this?

    Thanks,

  9. #39
    Join Date
    Mar 2009
    Location
    indonesia
    Beans
    12
    Distro
    Ubuntu 8.10 Intrepid Ibex

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    I tried what I suggested before.
    Well, I can not tell if the clients are firewalled too,
    but their internet access is not blocked.

  10. #40
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips [Advanced user only]

    I would in your case handle the FORWARD chain directly, as you may want to have different rules for the gateway computer itself and for the forwarded internet connection.
    Connection sharing is a specific topic, so I think it is better to handle the FORWARD chain separately to avoid confusion and unexpected behaviour.
