Unix Technical Forum

IP Tables/Chains

This is a discussion on IP Tables/Chains within the Debian Linux support forums, part of the Debian Linux category.


#1
01-19-2008, 08:12 AM
Chuck Dubois
IP Tables/Chains

Hi All,

I fired up a copy of Kanotix - interesting experience. I understand it's
a customized version of Debian. I'm having firewall problems and thought
to post here because of little response on the Kanotix board.

Basically, this version of Kanotix had no firewall utility. I'm told that
it used a standard IP tables firewall. I checked at GRC.com and saw that
I had three ports in stealth and all other common ports closed. I wanted
to change that to stealth all ports, so I fired up Guarddog and set
everything the way I like.

Unfortunately, the changes from Guarddog did not take. I went back into
Guarddog and opened a port. Again, the changes did not take.

This is the first time I've ever encountered this. Anyone have a clue
what's happening?


#2
01-19-2008, 08:12 AM
Peter J Ross
Re: IP Tables/Chains

On Mon, 12 Feb 2007 07:15:57 -0600, Chuck Dubois
<C_Dubois@digitalcity.net> wrote in alt.os.linux.debian:

> Hi All,
>
> I fired up a copy of Kanotix - interesting experience. I understand it's
> a customized version of Debian. I'm having firewall problems and thought
> to post here because of little response on the Kanotix board.
>
> Basically, this version of Kanotix had no firewall utility. I'm told that
> it used a standard IP tables firewall. I checked at GRC.com and saw that
> I had three ports in stealth and all other common ports closed. I wanted
> to change that to stealth all ports, so I fired up Guarddog and set
> everything the way I like.
>
> Unfortunately, the changes from Guarddog did not take. I went back into
> Guarddog and opened a port. Again, the changes did not take.
>
> This is the first time I've ever encountered this. Anyone have a clue
> what's happening?


Two thoughts:

1. Are you using Guarddog as root? If not, it won't be able to create any
firewall rules.

2. Do you need to save changes explicitly in Guarddog before exiting?

If you can't get a result with Guarddog, it's quite easy to do what
you want from the command line. Run these four commands as root:

/sbin/iptables -F INPUT
/sbin/iptables -P INPUT DROP
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

You can find out exactly what these commands do from the iptables
manual and/or the documentation at netfilter.org.

To preserve the changes after rebooting, you can put the four commands
into an executable script and run it at start-up.


--
PJR :-)
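
An added example, not part of the thread: one way to confirm that a ruleset actually "took" is to audit the INPUT chain against the four commands in the reply above. It assumes the input is text in the format printed by `iptables -S INPUT`; the function name and both sample chains are constructed for illustration.

```shell
# Audit an INPUT chain against the four-command ruleset from the reply.
# Input: text as printed by `iptables -S INPUT`. The function name
# audit_input_chain is chosen for this example, not taken from any tool.
audit_input_chain() {
    rules=$1
    problems=0
    # 1. Default policy: packets that match no rule must be dropped.
    if ! printf '%s\n' "$rules" | grep -qx -- '-P INPUT DROP'; then
        echo "FAIL: INPUT policy is not DROP"
        problems=$((problems + 1))
    fi
    # 2. Loopback must be accepted, or local services stop talking to each other.
    if ! printf '%s\n' "$rules" | grep -qx -- '-A INPUT -i lo -j ACCEPT'; then
        echo "FAIL: no loopback ACCEPT rule"
        problems=$((problems + 1))
    fi
    # 3. Replies to outbound connections (state match, or the newer conntrack form).
    est='^-A INPUT -m (state --state|conntrack --ctstate) (RELATED,ESTABLISHED|ESTABLISHED,RELATED) -j ACCEPT$'
    if ! printf '%s\n' "$rules" | grep -Eq -- "$est"; then
        echo "FAIL: no ESTABLISHED,RELATED ACCEPT rule"
        problems=$((problems + 1))
    fi
    # 4. Any other ACCEPT rule lets in traffic the four commands would drop.
    extra=$(printf '%s\n' "$rules" | grep -- '-j ACCEPT' \
        | grep -vx -- '-A INPUT -i lo -j ACCEPT' | grep -Ev -- "$est") || true
    if [ -n "$extra" ]; then
        echo "WARN: extra ACCEPT rules:"
        printf '%s\n' "$extra"
        problems=$((problems + 1))
    fi
    if [ "$problems" -eq 0 ]; then echo "OK: INPUT chain matches"; fi
    return "$problems"
}

# Constructed sample: the chain the four commands leave in place.
SAMPLE_GOOD='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
# Constructed sample: a chain where the changes did not take.
SAMPLE_BAD='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

audit_input_chain "$SAMPLE_GOOD" || true
audit_input_chain "$SAMPLE_BAD" || true
# On a live system, as root: audit_input_chain "$(/sbin/iptables -S INPUT)"
```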