Special Forums IP Networking iptables On for eth0 and off for other interfaces Post 302816883 by landossa on Tuesday 4th of June 2013 07:30:18 PM
Old 06-04-2013
Here is my current iptables file:

Code:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -p tcp --dport 11000:11010 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

So the above applies to all interfaces, but I want to specify interfaces in this file which allow all traffic both in and out. Let's say I want to exclude eth1 and eth3 from iptables rules.
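
Added example, not part of the original post: the file above already accepts everything on `lo` with `-A INPUT -i lo -j ACCEPT`, and the same `-i` match applied to eth1 and eth3 is shown here on a shortened, constructed copy of the ruleset. The helper names `exempt_ifaces` and `unfiltered_ifaces` are hypothetical; the first places the rules ahead of the catch-all REJECT, the second audits which interfaces bypass INPUT filtering.

```shell
#!/bin/sh
# Added example. OUTPUT has policy ACCEPT and no rules in the posted file,
# so outbound traffic is already unrestricted; only INPUT needs new rules.

# Constructed sample: shortened copy of the ruleset from the post.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# exempt_ifaces IFACE...: filter a ruleset from stdin to stdout, inserting
# "-A INPUT -i IFACE -j ACCEPT" just before the first catch-all REJECT/DROP
# on INPUT. Rules are evaluated in order, so a rule after it never matches.
exempt_ifaces() {
    awk -v ifaces="$*" '
        !placed && /^-A INPUT -j (REJECT|DROP)/ {
            n = split(ifaces, a, " ")
            for (i = 1; i <= n; i++) print "-A INPUT -i " a[i] " -j ACCEPT"
            placed = 1
        }
        { print }'
}

# unfiltered_ifaces: audit helper. Prints the interfaces that have an
# unconditional ACCEPT on INPUT ahead of the first catch-all REJECT/DROP.
unfiltered_ifaces() {
    awk '
        /^-A INPUT -j (REJECT|DROP)/ { exit }
        /^-A INPUT -i [^ ]+ -j ACCEPT$/ { out = out (out ? " " : "") $4 }
        END { print out }'
}

# Show which interfaces bypass filtering once eth1 and eth3 are exempted.
sample_rules | exempt_ifaces eth1 eth3 | unfiltered_ifaces
```

Check the edited file with `iptables-restore --test` before loading it. Every service listening on all addresses becomes reachable from the networks behind the exempted interfaces, so the audit output is worth reviewing after each change.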
 

Firewall mark classifier in tc(8)          Linux          Firewall mark classifier in tc(8)

NAME
       fw - fwmark traffic control filter

SYNOPSIS
       tc filter ... fw [ classid CLASSID ] [ action ACTION_SPEC ]

DESCRIPTION
       the fw filter allows to classify packets based on a previously set fwmark by iptables. If it is identical to the filter's handle, the filter matches. iptables allows to mark single packets with the MARK target, or whole connections using CONNMARK. The benefit of using this filter instead of doing the heavy-lifting with tc itself is that on one hand it might be convenient to keep packet filtering and classification in one place, possibly having to match a packet just once, and on the other users familiar with iptables but not tc will have a less hard time adding QoS to their setups.

OPTIONS
       classid CLASSID
              Push matching packets to the class identified by CLASSID.

       action ACTION_SPEC
              Apply an action from the generic actions framework on matching packets.

EXAMPLES
       Take e.g. the following tc filter statement:

              tc filter add ... handle 6 fw classid 1:1

       will match if the packet's fwmark value is 6. This is a sample iptables statement marking packets coming in on eth0:

              iptables -t mangle -A PREROUTING -i eth0 -j MARK --set-mark 6

SEE ALSO
       tc(8), iptables(8), iptables-extensions(8)

iproute2          21 Oct 2015          Firewall mark classifier in tc(8)