Solved

inputting IPTABLES rule help

Posted on 2004-08-16
4
238 Views
Last Modified: 2010-04-20
Hi

I've basically firewalled off everything except for SSH and Mail on a redhat server just using the security gui in gnome.

However I need to allow localhost to accept on 10025.

What would be the iptables command to insert this into the iptables rules?

Thanks

0
Comment
Question by:hnad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 250 total points
ID: 11817450
With respect to the localhost IP (127.0.0.1) it is completely safe to allow everything to/from that IP. The kernel will ensure that the localhost IP can't be abused from outside of the local machine. Any firewall I set up includes:

#
# The loopback interface is inheritly trustworthy. Don't disable it or
# a number of things on the firewall will break.
#
/sbin/iptables -A INPUT -i lo -j ACCEPT
0
 
LVL 1

Author Comment

by:hnad
ID: 11817580
Sorry never had to fiddle with iptables before. Basically my issue is I need to let a virus scanner bind to port 10025 and then firewall 10025 from all hosts except for localhost. Only Postfix will need to contact the virus scanner directly. Postfix and the virus scanner are on the same box.

Thanks.

0
 
LVL 40

Expert Comment

by:jlevie
ID: 11822701
The rule above will do that, and as I pointed out the kernel will ensure that the localhost IP can only be accessed from the local machine. This is true of all systems that have a TCP/IP stack since all of those have a localhost at 127.0.0.1. And as the comment for that rule says, not having the localhost IP open for connections will break other things.
0
 
LVL 1

Author Comment

by:hnad
ID: 11826145
ok thanks

Seems to be working ok.

:)
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question