Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[SOLVED] Problem z iptables
 View unanswered posts
View posts from last 24 hours
View posts from last 7 days

rackathon
 
Reply to topic    Gentoo Forums Forum Index Polskie forum (Polish)
View previous topic :: View next topic  
Author Message
Belliash
Veteran
Veteran


Joined: 24 Nov 2004
Posts: 2017
Location: Legnica, Poland
PostPosted: Sun May 20, 2007 12:44 pm    Post subject: [SOLVED] Problem z iptables Reply with quote
Witam,
Chcialbym sobie wrzucic takie regolki:

Code:
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT
iptables -A INPUT -p tcp --dport 1550 -m state --state NEW -j ACCEPT
iptables -A INPUT -p udp --dport 1550 -m state --state NEW -j ACCEPT
iptables -A INPUT -p tcp --dport 9176 -m state --state NEW -j ACCEPT
iptables -A INPUT -p udp --dport 9176 -m state --state NEW -j ACCEPT
iptables -A INPUT -p tcp --dport 58856 -m state --state NEW -j ACCEPT
iptables -A INPUT -p udp --dport 58856 -m state --state NEW -j ACCEPT

iptables -A INPUT -p TCP --syn -j REJECT
iptables -A INPUT -p tcp -i eth0 -j REJECT --reject-with tcp-reset
iptables -A INPUT -p udp -i eth0 -j REJECT --reject-with icmp-port-unreachable



ale juz na: "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
dostaje: "iptables: No chain/target/match by that name"


Nie wiem co jest grane, tymbardziej, ze:

Code:
PECET rootfs # grep NETFILTER /usr/src/linux/.config |grep -vh '^[[:space:]]*\(#\|$\)'
CONFIG_NETFILTER=y
CONFIG_NETFILTER_NETLINK=m
CONFIG_NETFILTER_NETLINK_QUEUE=m
CONFIG_NETFILTER_NETLINK_LOG=m
CONFIG_NETFILTER_XTABLES=m
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
CONFIG_NETFILTER_XT_TARGET_DSCP=m
CONFIG_NETFILTER_XT_TARGET_MARK=m
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
CONFIG_NETFILTER_XT_TARGET_NFLOG=m
CONFIG_NETFILTER_XT_TARGET_TCPMSS=m
CONFIG_NETFILTER_XT_MATCH_COMMENT=m
CONFIG_NETFILTER_XT_MATCH_DCCP=m
CONFIG_NETFILTER_XT_MATCH_DSCP=m
CONFIG_NETFILTER_XT_MATCH_ESP=m
CONFIG_NETFILTER_XT_MATCH_LENGTH=m
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
CONFIG_NETFILTER_XT_MATCH_MAC=m
CONFIG_NETFILTER_XT_MATCH_MARK=m
CONFIG_NETFILTER_XT_MATCH_POLICY=m
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
CONFIG_NETFILTER_XT_MATCH_QUOTA=m
CONFIG_NETFILTER_XT_MATCH_REALM=m
CONFIG_NETFILTER_XT_MATCH_SCTP=m
CONFIG_NETFILTER_XT_MATCH_STATISTIC=m
CONFIG_NETFILTER_XT_MATCH_STRING=m
CONFIG_NETFILTER_XT_MATCH_TCPMSS=m
CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m


PECET rootfs # grep _NF_ /usr/src/linux/.config |grep -vh '^[[:space:]]*\(#\|$\)'
CONFIG_NF_CONNTRACK_ENABLED=m
CONFIG_NF_CONNTRACK_SUPPORT=y
CONFIG_NF_CONNTRACK=m
CONFIG_NF_CT_ACCT=y
CONFIG_NF_CONNTRACK_MARK=y
CONFIG_NF_CONNTRACK_EVENTS=y
CONFIG_NF_CT_PROTO_GRE=m
CONFIG_NF_CT_PROTO_SCTP=m
CONFIG_NF_CONNTRACK_AMANDA=m
CONFIG_NF_CONNTRACK_FTP=m
CONFIG_NF_CONNTRACK_H323=m
CONFIG_NF_CONNTRACK_IRC=m
CONFIG_NF_CONNTRACK_NETBIOS_NS=m
CONFIG_NF_CONNTRACK_PPTP=m
CONFIG_NF_CONNTRACK_SANE=m
CONFIG_NF_CONNTRACK_SIP=m
CONFIG_NF_CONNTRACK_TFTP=m
CONFIG_NF_CT_NETLINK=m
CONFIG_NF_CONNTRACK_IPV4=m
CONFIG_NF_CONNTRACK_PROC_COMPAT=y
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m



Nie bardzo wiem co moglem pominac?
Jakies sugestie?
DZIEKI!
_________________
[ #epheket@irc.freenode.net:6667 ]

Last edited by Belliash on Mon May 21, 2007 12:31 am; edited 1 time in total
Back to top
View user's profile Send private message
sir KAT
Tux's lil' helper
Tux's lil' helper


Joined: 27 Aug 2005
Posts: 117
Location: Kraków
PostPosted: Sun May 20, 2007 1:15 pm    Post subject: Re: Problem z iptables Reply with quote
Morpheouss wrote:
Witam,
Nie bardzo wiem co moglem pominac?
Jakies sugestie?

CONFIG_NETFILTER_XT_MATCH_STATE
_________________
Pozdrawiam!
Krzysiek
Back to top
View user's profile Send private message
timor
Guru
Guru


Joined: 25 May 2005
Posts: 477
Location: Poland, Krk, NS
PostPosted: Sun May 20, 2007 1:44 pm    Post subject: Re: Problem z iptables Reply with quote
sir KAT wrote:
Morpheouss wrote:
Witam,
Nie bardzo wiem co moglem pominac?
Jakies sugestie?

CONFIG_NETFILTER_XT_MATCH_STATE
Trochę rzeczy się poprzenosiło, zerknij tutaj: http://forums.gentoo.org/viewtopic-p-4034731.html#4034731
Back to top
View user's profile Send private message
Belliash
Veteran
Veteran


Joined: 24 Nov 2004
Posts: 2017
Location: Legnica, Poland
PostPosted: Mon May 21, 2007 12:31 am    Post subject: Reply with quote
OK, moja wina!
Nie zauwazylem tego...


Dzieki za pomoc i wyrozumialosc ;)

Pozdrawiam!
_________________
[ #epheket@irc.freenode.net:6667 ]
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Polskie forum (Polish) All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2006 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. Powered by phpBB 2.0.22-gentoo-p6 © 2001, 2002 phpBB Group