?
Solved

inputting IPTABLES rule help

Posted on 2004-08-16
4
Medium Priority
?
259 Views
Last Modified: 2010-04-20
Hi

I've basically firewalled off everything except for SSH and Mail on a redhat server just using the security gui in gnome.

However I need to allow localhost to accept on 10025.

What would be the iptables command to insert this into the iptables rules?

Thanks

0
Comment
Question by:hnad
  • 2
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 750 total points
ID: 11817450
With respect to the localhost IP (127.0.0.1) it is completely safe to allow everything to/from that IP. The kernel will ensure that the localhost IP can't be abused from outside of the local machine. Any firewall I set up includes:

#
# The loopback interface is inheritly trustworthy. Don't disable it or
# a number of things on the firewall will break.
#
/sbin/iptables -A INPUT -i lo -j ACCEPT
0
 
LVL 1

Author Comment

by:hnad
ID: 11817580
Sorry never had to fiddle with iptables before. Basically my issue is I need to let a virus scanner bind to port 10025 and then firewall 10025 from all hosts except for localhost. Only Postfix will need to contact the virus scanner directly. Postfix and the virus scanner are on the same box.

Thanks.

0
 
LVL 40

Expert Comment

by:jlevie
ID: 11822701
The rule above will do that, and as I pointed out the kernel will ensure that the localhost IP can only be accessed from the local machine. This is true of all systems that have a TCP/IP stack since all of those have a localhost at 127.0.0.1. And as the comment for that rule says, not having the localhost IP open for connections will break other things.
0
 
LVL 1

Author Comment

by:hnad
ID: 11826145
ok thanks

Seems to be working ok.

:)
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Often times it's very very easy to extend a volume on a Linux instance in AWS, but impossible to shrink it. I wanted to contribute to the experts-exchange community a way of providing a procedure that works on an AWS instance. It can also be used on…
Cron is one of the most popular and basic utilities found on Unix systems. Combined with other tools, cron makes it exceptionally easy to automate a broad range of tasks on your server.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses

594 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question