[Comm-en] setting up iptables
djbouley
djbouley at shaw.ca
Tue Apr 8 16:52:26 MSD 2003
"iptabes": was it copied over or typed in by hand? (so is it a
typo somewhere in the package or not)
I typed it in by hand. Of course it is entirely possible that there's an
error in it that I'm just not seeing.
OTOH /usr/lib/iptables/libipt_tcprules.so is not present on my
system; need to look at iptables config file.
I cannot find it on my system either.
> Try 'iptables-restore -h' or 'iptables-restore --help' for more
information
> [FAILED]
> ===================================================
Umm... could you run "rpm -V iptables" and quote the output?
(should be something like this:
..?..... c /etc/sysconfig/iptables
..?..... c /etc/sysconfig/iptables_modules
)
Running rpm -V iptables produced this:
SM5....T c /etc/sysconfig/iptables
..?..... c /etc/sysconfig/iptables_modules
> I double checked the previous files I created and they're okay.
Attaching /etc/sysconfig/iptables could help too.
> Any suggestions? I'm almost there... I can 'feel' it! :o)
Here are the contents of /etc/sysconfig/iptables:
-------------- next part --------------
*filter
-A INPUT -j tcprules
-A FORWARD -j tcprules
-A tcprules -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A tcprules -i ! eth1 -m state --state NEW -j ACCEPT
-A tcprules -i eth1 -m state --state INVALID,NEW -j DROP
-A tcprules -i eth1 -j REJECT --reject-with icmp-host-unreachable
COMMIT
*nat
-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
COMMIT
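
Added example, not part of the original message or of the iptables package: a small check for rules files in iptables-restore format that reports every reference to a user chain with no `:NAME - [0:0]` declaration in its table section. iptables-restore looks up a `-j` name that is not a known chain as a target extension, which is where a lookup for a library such as libipt_tcprules.so comes from. The function name, the built-in chain table and the rule "a name that has rules appended to it is a user chain" are this example's assumptions.

```python
import shlex

# Chains each table provides without a ":NAME POLICY [pkts:bytes]" line (current kernels).
BUILTIN = {
    "filter": {"INPUT", "FORWARD", "OUTPUT"},
    "nat": {"PREROUTING", "INPUT", "OUTPUT", "POSTROUTING"},
    "mangle": {"PREROUTING", "INPUT", "FORWARD", "OUTPUT", "POSTROUTING"},
}

# Shortened copy of the rules file quoted in the message above.
SAMPLE = """\
*filter
-A INPUT -j tcprules
-A FORWARD -j tcprules
-A tcprules -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
*nat
-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
COMMIT
"""

def undeclared_chains(text):
    """Return (table, chain, line_no, use) for each use of an undeclared user chain."""
    tables, current = {}, None
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#") or line == "COMMIT":
            continue
        if line.startswith("*"):  # start of a table section
            current = tables.setdefault(line[1:], {"declared": set(), "uses": []})
        elif current is not None and line.startswith(":"):  # chain declaration
            current["declared"].add(line[1:].split()[0])
        elif current is not None:  # a rule: record the chain it edits and its target
            words = shlex.split(line)
            for flag, name in zip(words, words[1:]):
                if flag in ("-A", "--append", "-I", "--insert"):
                    current["uses"].append((name, line_no, "append"))
                elif flag in ("-j", "--jump", "-g", "--goto"):
                    current["uses"].append((name, line_no, "jump"))
    findings = []
    for table, info in tables.items():
        known = info["declared"] | BUILTIN.get(table, set())
        # Names with rules appended are chains; other targets (REJECT, ...) are extensions.
        user_chains = {n for n, _, use in info["uses"] if use == "append"} - known
        findings += [(table, n, ln, use) for n, ln, use in info["uses"] if n in user_chains]
    return findings

if __name__ == "__main__":
    print(undeclared_chains(SAMPLE))
```

Run against the sample it reports `tcprules` on lines 2, 3 and 4 of the `filter` section; with a `:tcprules - [0:0]` line after `*filter` it reports nothing.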