Solved

inputting IPTABLES rule help

Posted on 2004-08-16
4
214 Views
Last Modified: 2010-04-20
Hi

I've basically firewalled off everything except for SSH and Mail on a redhat server just using the security gui in gnome.

However I need to allow localhost to accept on 10025.

What would be the iptables command to insert this into the iptables rules?

Thanks

0
Comment
Question by:hnad
  • 2
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 250 total points
ID: 11817450
With respect to the localhost IP (127.0.0.1) it is completely safe to allow everything to/from that IP. The kernel will ensure that the localhost IP can't be abused from outside of the local machine. Any firewall I set up includes:

#
# The loopback interface is inheritly trustworthy. Don't disable it or
# a number of things on the firewall will break.
#
/sbin/iptables -A INPUT -i lo -j ACCEPT
0
 
LVL 1

Author Comment

by:hnad
ID: 11817580
Sorry never had to fiddle with iptables before. Basically my issue is I need to let a virus scanner bind to port 10025 and then firewall 10025 from all hosts except for localhost. Only Postfix will need to contact the virus scanner directly. Postfix and the virus scanner are on the same box.

Thanks.

0
 
LVL 40

Expert Comment

by:jlevie
ID: 11822701
The rule above will do that, and as I pointed out the kernel will ensure that the localhost IP can only be accessed from the local machine. This is true of all systems that have a TCP/IP stack since all of those have a localhost at 127.0.0.1. And as the comment for that rule says, not having the localhost IP open for connections will break other things.
0
 
LVL 1

Author Comment

by:hnad
ID: 11826145
ok thanks

Seems to be working ok.

:)
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Fine Tune your automatic Updates for Ubuntu / Debian
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now