Solved

iptables Question - Default policy

Posted on 2006-11-08
153 Views
Last Modified: 2012-05-05
Using the example below, all incoming packets are automatically dropped (i.e. ignored) for the workstation unless:
- The packets are for UDP ports 137 through 139 and originate from an IP address of 66.66.66.66
- The packets are for TCP port 445 and originate from an IP address of 66.66.66.66
- The packets are used for loopback

Am I interpreting this correctly?  

What is the established/related entry useful for?

iptables -P INPUT DROP                       # default policy: drop anything not matched by a rule below
iptables -P OUTPUT ACCEPT                    # outgoing traffic is unrestricted
iptables -P FORWARD DROP                     # the workstation does not route for others
iptables -A INPUT -i lo -j ACCEPT            # loopback
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT          # replies to connections this box opened
iptables -A INPUT -i eth0 -p udp -m udp -s 66.66.66.66 --dport 137:139 -j ACCEPT  # NetBIOS from one host only
iptables -A INPUT -i eth0 -p tcp -m tcp -s 66.66.66.66 --dport 445 -j ACCEPT      # SMB from one host only
Question by:BendOverIGotYourBack
2 Comments
 
Accepted Solution by: ravenpl (earned 125 total points)
ID: 17904654
You are correct.
> iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
In short it means to accept packets that come within already started connections (ESTABLISHED) - usually those are connections initiated from the box itself - in other words all outgoing connections are permitted (since iptables -P OUTPUT ACCEPT).
Also RELATED connections are fine. There are some cases where connecting to your host requires two connections. Good examples are the ftp and auth protocols.
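As an added illustration (not part of the thread, and not how the kernel is implemented), a small Python model of how this INPUT chain treats packets once connection tracking is in play. The conntrack table is simplified to the tuples shown, and the "related" set stands in for what the kernel's FTP conntrack helper would record; all addresses and traffic are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class Packet:
    proto: str          # "tcp" or "udp"
    src: str            # remote address
    sport: int          # remote port
    dport: int          # port on the workstation
    iface: str = "eth0"

@dataclass
class Firewall:
    # flows the workstation opened itself (OUTPUT is ACCEPT, so every outgoing
    # packet creates a conntrack entry); simplified key: (proto, peer, peer_port)
    established: set = field(default_factory=set)
    # peers expected to open a second connection (what the FTP helper would record)
    related: set = field(default_factory=set)

    def send(self, proto, dst, dport):
        """Outgoing packet: allowed by -P OUTPUT ACCEPT, and conntrack notes the flow."""
        self.established.add((proto, dst, dport))
        if proto == "tcp" and dport == 21:   # FTP control session -> data connection expected
            self.related.add(("tcp", dst))

    def input_verdict(self, p):
        """Walk the INPUT chain in the order the rules were appended."""
        if p.iface == "lo":
            return "ACCEPT"                                   # -i lo -j ACCEPT
        if (p.proto, p.src, p.sport) in self.established:
            return "ACCEPT"                                   # --state ESTABLISHED
        if (p.proto, p.src) in self.related:
            return "ACCEPT"                                   # --state RELATED
        if p.proto == "udp" and p.src == "66.66.66.66" and 137 <= p.dport <= 139:
            return "ACCEPT"                                   # --dport 137:139
        if p.proto == "tcp" and p.src == "66.66.66.66" and p.dport == 445:
            return "ACCEPT"                                   # --dport 445
        return "DROP"                                         # -P INPUT DROP

def demo():
    """Constructed traffic showing what the ESTABLISHED,RELATED rule buys."""
    fw, out = Firewall(), {}
    fw.send("udp", "10.0.0.53", 53)                 # DNS query goes out...
    out["dns_reply"] = fw.input_verdict(Packet("udp", "10.0.0.53", 53, 40000))
    out["smb_stranger"] = fw.input_verdict(Packet("tcp", "10.0.0.9", 51000, 445))
    fw.send("tcp", "10.0.0.21", 21)                 # FTP control session opened by us
    out["ftp_data"] = fw.input_verdict(Packet("tcp", "10.0.0.21", 20, 40001))
    out["ftp_data_no_ctrl"] = Firewall().input_verdict(Packet("tcp", "10.0.0.21", 20, 40001))
    return out
```

Without the ESTABLISHED,RELATED rule the DNS reply and the FTP data connection would hit the DROP policy even though the box itself asked for them; on a real system the RELATED match for FTP also needs the nf_conntrack_ftp helper loaded.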
Author Comment by: BendOverIGotYourBack
ID: 17942124
thank you.