  • Status: Solved
  • Priority: Medium
  • Security: Public

Newbie to iptables - How do I see what I have for a firewall? Nmap does not seem to be "accurate"

I am using the latest Red Hat 5.4. When I look at my iptables -L I have a short firewall and it does not let much in. If I do an Nmap, I get more ports than the firewall allows.

If I want to see what I really have for a firewall, I can test ALL ports individually, or is there some way to do this easily? I thought that if I blocked a port in iptables, it would not show up in nmap.

Oh, keep an eye on my user id today, I will be asking a bunch of silly questions that are easy pickings for the right person :)  Today is a "study iptables" day :)

2 Solutions
Michael Worsham (Infrastructure / Solutions Architect) commented:
A good free tool to use for setting up IPTables is Firewall Builder (http://www.fwbuilder.org/)

Firewall Builder consists of an object-oriented GUI and a set of policy compilers for various firewall platforms. In Firewall Builder, a firewall policy is a set of rules; each rule consists of abstract objects that represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations.

As a bonus (and to make it easier), if you have an existing IPTables firewall setup, the Firewall Builder GUI has a built-in policy importer that can import an iptables policy saved with the iptables-save script.

Run service iptables status to get the current firewall that is active on the system.
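
One way to check a scan result against the saved rule set, as an added example that is not part of the original answers: the functions below read iptables-save output on stdin, list the TCP ports that have an explicit ACCEPT rule, list the ACCEPT rules that carry no port match (these admit every port for the traffic they match, for example anything arriving on the loopback interface), and report which scanned ports no explicit rule covers. The function names, the sample rule set and the scanned port list are all constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from the asker's system).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Hypothetical helper: TCP destination ports with an explicit ACCEPT rule.
accepted_tcp_ports() {
    awk '/^-A / && / -j ACCEPT( |$)/ {
        proto = ""; port = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport" || $i == "--dports") port = $(i + 1)
        }
        if (proto == "tcp" && port != "") {
            n = split(port, list, ",")      # multiport lists: 80,443
            for (k = 1; k <= n; k++) print list[k]
        }
    }' | sort -n | uniq
}

# Hypothetical helper: ACCEPT rules with no port match. Each one admits
# traffic on every port for whatever else it matches (interface, state, source).
unrestricted_accepts() {
    awk '/^-A / && / -j ACCEPT( |$)/ && !/--dports? / { print }'
}

# Hypothetical helper: scanned ports (arguments) that no explicit rule accepts.
unexplained_ports() {
    allowed=$(accepted_tcp_ports)           # reads the rule set from stdin
    for p in "$@"; do
        printf '%s\n' "$allowed" | grep -qx "$p" || printf '%s\n' "$p"
    done
}

# Constructed scan result: ports 22, 80, 111 and 631 reported open.
sample_rules | unexplained_ports 22 80 111 631
```

On a live system, pipe iptables-save (run as root) into the same functions in place of sample_rules; any port reported by unexplained_ports is reachable only through one of the rules that unrestricted_accepts prints.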
