[Centos] Messing around with iptables

scty Library sctylib2004 at yahoo.com
Fri Aug 13 12:27:06 UTC 2004 

Hello all,

Thanks for all your advice I will probably use one of
the distro/products suggested.

I did figure out why it didn't work.  I already had
the RH firewall enabled so that took precedences. 
When I disabled it I was then able to use that command
and it worked just fine.

Thanks again.

--- Dag Wieers <dag at wieers.com> wrote:

> On Thu, 12 Aug 2004, scty Library wrote:
> 
> > No, that did not work either.
> 
> Allow me to demonstrate this one:
> 
> 	[root at emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
> 	64 bytes from 127.0.0.1: icmp_seq=0 ttl=64
> time=0.049 ms
> 	64 bytes from 127.0.0.1: icmp_seq=1 ttl=64
> time=0.047 ms
> 
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 2 received, 0% packet loss,
> time 1002ms
> 	rtt min/avg/max/mdev = 0.047/0.048/0.049/0.001 ms,
> pipe 2
> 
> 	[root at emyn ~]# iptables -A INPUT -d 127.0.0.1 -p
> icmp -j DROP
> 
> 	[root at emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
> 	
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 0 received, 100% packet
> loss, time 1002ms
> 
> 	[root at emyn ~]# iptables -L INPUT -xnv 
> 	Chain INPUT (policy ACCEPT 29425 packets, 14876789
> bytes)
> 	    pkts      bytes target     prot opt in     out 
>    source               destination         
> 	       2      168 DROP       icmp --  *      *     
>  0.0.0.0/0            127.0.0.1   
> 
> 	[root at emyn ~]# iptables -D INPUT -d 127.0.0.1 -p
> icmp -j DROP
> 
> 	[root at emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
> 	64 bytes from 127.0.0.1: icmp_seq=0 ttl=64
> time=0.050 ms
> 	64 bytes from 127.0.0.1: icmp_seq=1 ttl=64
> time=0.047 ms
> 
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 2 received, 0% packet loss,
> time 1017ms
> 	rtt min/avg/max/mdev = 0.047/0.048/0.050/0.007 ms,
> pipe 2
> 
> It should be the same for you.
> 
> Kind regards,
> --   dag wieers,  dag at wieers.com, 
> http://dag.wieers.com/   --
> [Any errors in spelling, tact or fact are
> transmission errors]
> 


		
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail

More information about the CentOS mailing list