I probably could answer most of your questions, but what you really ought to do is simply read the iptables man pages. It has most of the answers you seek. For instance, concerning ESTABLISHED versus RELATED, it states:
I had read the man pages. I always try to glean what I can out of them and other documentation and googling first. If you will notice my question, I was getting what seemed like odd behaviour. I also didn't know what I didn't know so I didn't have a base to understand many things. Since then, I have devoured reading all kinds of tips and tutorial on TCP/IP, etc. The problem on the RELATED,ESTABLISHED rule was that if I tested without the firewall, I was already connected with a page refresh. Then when I enabled the firewall, it let things go through that it shouldn't have. If I let the connection time out, then it works fine.
The manual doesn't explain things like how and why you want these type of rules:
and why you need:
and why REJECT instead of drop in:
I understand why now after a lot of reading and help from more helpful forums who say more than just "read the man page."
I feel that too many people assume that if you are having problems, that it is just because you didn't read the man pages, etc. Sometimes it is just that there are knowledge deficits the prevent the pieces from coming together. What is needed is for people to help fill in the gaps of this knowledge and mentor rather than simply quote the man page.
Hi
I have small home network and I want to block some forums on web
When I use this
iptables -A INPUT -s forum -j DROP
rules is applied but when I restart some of PC rules are not present any more also I tried to save firewall settings
iptables-save > /root/dsl.fw
but how to... (2 Replies)
Hello,
I was playing around with iptables to setup an isolated system. On a SLES10 system, I ran the below to setup my first draft of rules. I noticed that the rules come into effect immediately and do not require any restart of iptables.
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -m... (4 Replies)
Could someone help me with writing rules for iptables?
I need a dos attacks protection for a game server.
port type udp
ports 27015:27030
interface: eth0
Accept all packets from all IPs
Chek if IP sent more than 50 packets per second
Drop all packets from this IP for 5 minutes
I would be... (0 Replies)
Hi Champs
i am new in Iptables and trying to write rules for my Samba server.I took some help from internet, created one script and run from rc.local :
#Allow loopback
iptables -I INPUT -i lo -j ACCEPT
# Accept packets from Trusted network
iptables -A INPUT -s my-network/subnet -j... (0 Replies)
Hi all,
Exactly like my title says.
I am learning PHP and MySQL and I used to use /var/www/ to host (contain or store) my files (.htm/.php) for testing. I could configure, finally, apache2 to use ~/public_html instead.
Now I when I tried to use $_SERVER it still directs (I used echo to show... (7 Replies)
Hi there,
I have a VPS and am working on a little side project for myself and friend which is a DNS proxy. Everything was great till recently. My VPS IP has been detected by some botnet or something, and I believe SMURF attacks are occuring. The VPS provider keeps shutting down my VPS... (3 Replies)
Hi,
I've been struggling with this all morning and seem to have a blind spot on what the problem is. I'm trying to use iptables to block traffic on a little cluster of raspberry pi's but to allow ssh and ping traffic within it.
The cluster has a firewall server with a wifi card connecting to... (4 Replies)
Hello,
I did 2 scripts. The second one is, I hope, more secure.
What do you think?
Basic connection (no server, no router, no DHCP and the Ipv6 is disabled)
#######script one
####################
iptables -F
iptables -X -t filter
iptables -P INPUT DROP
iptables -P FORWARD... (6 Replies)
Hi, I am relatively new to firewalls and netfilter. I have a Debian Stretch router box running dnsmasq, connected to a VPN. Occasionally dnsmasq polls all of the desired DNS servers to select the fastest. When it does this it responds to replies of the non-selected DNS servers with a icmp type... (0 Replies)