[Centos] Messing around with iptables

Andrew Cotter Andrew.Cotter at SomersetCapital.com
Fri Aug 13 13:06:24 UTC 2004 

If you want to get serious about firewalls, I suggest picking up a good
book.

My favorite so far is "Linux Firewalls" by Robert L. Ziegler.

Of course there are tons of resources on the net that can be very helpful
too!

Good luck!

-----Original Message-----
From: centos-admin at caosity.org [mailto:centos-admin at caosity.org]On
Behalf Of scty Library
Sent: Friday, August 13, 2004 8:27 AM
To: centos Linux
Subject: Re: [Centos] Messing around with iptables


Hello all,

Thanks for all your advice I will probably use one of
the distro/products suggested.

I did figure out why it didn't work.  I already had
the RH firewall enabled so that took precedences.
When I disabled it I was then able to use that command
and it worked just fine.

Thanks again.

--- Dag Wieers <dag at wieers.com> wrote:

> On Thu, 12 Aug 2004, scty Library wrote:
>
> > No, that did not work either.
>
> Allow me to demonstrate this one:
>
> 	[root at emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
> 	64 bytes from 127.0.0.1: icmp_seq=0 ttl=64
> time=0.049 ms
> 	64 bytes from 127.0.0.1: icmp_seq=1 ttl=64
> time=0.047 ms
>
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 2 received, 0% packet loss,
> time 1002ms
> 	rtt min/avg/max/mdev = 0.047/0.048/0.049/0.001 ms,
> pipe 2
>
> 	[root at emyn ~]# iptables -A INPUT -d 127.0.0.1 -p
> icmp -j DROP
>
> 	[root at emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
>
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 0 received, 100% packet
> loss, time 1002ms
>
> 	[root at emyn ~]# iptables -L INPUT -xnv
> 	Chain INPUT (policy ACCEPT 29425 packets, 14876789
> bytes)
> 	    pkts      bytes target     prot opt in     out
>    source               destination
> 	       2      168 DROP       icmp --  *      *
>  0.0.0.0/0            127.0.0.1
>
> 	[root at emyn ~]# iptables -D INPUT -d 127.0.0.1 -p
> icmp -j DROP
>
> 	[root at emyn ~]# ping 127.0.0.1
> 	PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
> 	64 bytes from 127.0.0.1: icmp_seq=0 ttl=64
> time=0.050 ms
> 	64 bytes from 127.0.0.1: icmp_seq=1 ttl=64
> time=0.047 ms
>
> 	--- 127.0.0.1 ping statistics ---
> 	2 packets transmitted, 2 received, 0% packet loss,
> time 1017ms
> 	rtt min/avg/max/mdev = 0.047/0.048/0.050/0.007 ms,
> pipe 2
>
> It should be the same for you.
>
> Kind regards,
> --   dag wieers,  dag at wieers.com,
> http://dag.wieers.com/   --
> [Any errors in spelling, tact or fact are
> transmission errors]
>



__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail
_______________________________________________
CentOS mailing list
CentOS at caosity.org
http://www.caosity.org/mailman/listinfo/centos

More information about the CentOS mailing list