Linux Firewall: IPTABLES and Loopback

ViperSTD · 07-22-2002, 11:47 AM

I can't get my iptables set up correctly. It seems to work perfectly except that the loopback is being denied.

I have tried the two following configurations to no avail:
-------------------Configuration 1--------------------------
## Loop Back ##
/sbin/iptables -A INPUT -p tcp --syn -s 127.0.0.1 -j ACCEPT

######## Deny Everything else ########
/sbin/iptables -A INPUT -j DROP

-------------------Configuration 2----------------------------
## Loop Back ##
/sbin/iptables -A INPUT -i lo -j ACCEPT

######## Deny Everything else ########
/sbin/iptables -A INPUT -j DROP

Could someone please shed some light on this for me?

TIA

ViperSTD · 07-22-2002, 12:34 PM

Well, I got the loopback working (sortof) I can ping myself now but no one else can. Unfortunately, that still hasn't fixed my mail server problems.

Ah, if only Linux were a microsoft product.

MeltMan · 07-23-2002, 11:12 AM

If linux were a microsoft product, you would have shelled out $200 for it, and it would be buggy, uncustomizable, and evil.

Boltz · 07-23-2002, 07:16 PM

if you start off by setting the default policy to DENY on the

IN
OUT
and
FORWARD

then you have to set specific rules to allow wanted traffic through the firewall to the corresponding interface.

If you wanted to allow the LOOP back you simply do something like this (not sure if it is correct)

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -i lo -j ACCEPT

as for the others it may take some more thought as to who and what you want to access the interfaces

07-22-2002, 11:47 AM	#1
ViperSTD Cooling Neophyte Join Date: Jun 2002 Location: USA Posts: 9	Linux Firewall: IPTABLES and Loopback I can't get my iptables set up correctly. It seems to work perfectly except that the loopback is being denied. I have tried the two following configurations to no avail: -------------------Configuration 1-------------------------- ## Loop Back ## /sbin/iptables -A INPUT -p tcp --syn -s 127.0.0.1 -j ACCEPT ######## Deny Everything else ######## /sbin/iptables -A INPUT -j DROP -------------------Configuration 2---------------------------- ## Loop Back ## /sbin/iptables -A INPUT -i lo -j ACCEPT ######## Deny Everything else ######## /sbin/iptables -A INPUT -j DROP Could someone please shed some light on this for me? TIA

07-23-2002, 11:12 AM	#3
MeltMan Cooling Savant Join Date: Aug 2001 Location: KS Posts: 374	If linux were a microsoft product, you would have shelled out $200 for it, and it would be buggy, uncustomizable, and evil. __________________ MeltMan Lurker Supreme!

07-22-2002, 12:34 PM	#2
ViperSTD Cooling Neophyte Join Date: Jun 2002 Location: USA Posts: 9	Well, I got the loopback working (sortof) I can ping myself now but no one else can. Unfortunately, that still hasn't fixed my mail server problems. Ah, if only Linux were a microsoft product.

07-23-2002, 07:16 PM	#4
Boltz Cooling Neophyte Join Date: Jul 2002 Location: Vancouver BC Canada Posts: 23	if you start off by setting the default policy to DENY on the IN OUT and FORWARD then you have to set specific rules to allow wanted traffic through the firewall to the corresponding interface. If you wanted to allow the LOOP back you simply do something like this (not sure if it is correct) iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -i lo -j ACCEPT as for the others it may take some more thought as to who and what you want to access the interfaces

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)