iptables rule problem


 
# 1  
Old 07-31-2010
iptables rule problem

Hi,
I have 40 clients in my network that connect to the internet via a
squid server (web proxy). I want none of these clients to be able to ping my squid server, but the squid server should be able to ping them. I wrote these rules but they don't work.

Code:
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -A INPUT -p icmp -s 192.168.23.1/24 -d 0/0 -j ACCEPT
iptables -A OUTPUT -p icmp -s 192.168.23.1/24 -d /0/0 -j ACCEPT

The squid server IP address is 192.168.23.1.

Please help.
Thanks.
# 2  
Old 08-26-2010
First of all, you need to see your whole iptables list:

Code:
iptables -L

and make sure there is no iptables rule that will accept all connections.
Then try this:

Let's say your client IP range = 192.168.1.0/24, so:

Code:
iptables -A INPUT -s 192.168.1.0/24 -p icmp -j ACCEPT


Last edited by ultramen7; 08-26-2010 at 12:55 AM..
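
An added example, not part of any post in this thread: one way to get the behaviour asked for is to match on ICMP type, so that only the clients' echo requests are dropped while the server's own pings and their replies pass. The helper names (`valid_cidr`, `run`, `ping_policy`) and the `APPLY` switch are assumptions for illustration; by default the script only prints the commands.

```shell
#!/bin/sh
# Added example. Dry run by default: the commands are only printed.
# Set APPLY=1 and run as root to execute them.

# Succeed only for a dotted-quad CIDR such as 192.168.23.0/24.
valid_cidr() {
    case "$1" in
        */*/*|*[!0-9./]*|/*|*/) return 1 ;;   # rejects e.g. "/0/0"
        */*) ;;
        *) return 1 ;;
    esac
    addr=${1%/*}; len=${1#*/}
    [ "$len" -le 32 ] 2>/dev/null || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr                # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# Print the command, or execute it when APPLY=1.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Emit (or apply) the ICMP rules for client network $1.
ping_policy() {
    lan=$1
    valid_cidr "$lan" || { echo "bad CIDR: $lan" >&2; return 1; }
    # Inserted at position 1 so no earlier ACCEPT rule shadows the drop.
    run iptables -I INPUT 1 -p icmp --icmp-type echo-request -s "$lan" -j DROP
    # Replies to the server's own pings (needed when the INPUT policy is DROP).
    run iptables -A INPUT -p icmp --icmp-type echo-reply -s "$lan" -j ACCEPT
    # The server's outgoing pings (needed when the OUTPUT policy is DROP).
    run iptables -A OUTPUT -p icmp --icmp-type echo-request -d "$lan" -j ACCEPT
}

# Network derived from the addresses in the question.
ping_policy 192.168.23.0/24
```

With the question's `-P INPUT DROP` and `-P OUTPUT DROP` in place, the proxy's own traffic also needs explicit ACCEPT rules, since those policies drop everything that no rule matches.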