Problem with Firewall
Mike Burger
mburger at bubbanfriends.org
Thu Sep 30 12:31:18 UTC 2004
On Wed, 29 Sep 2004, TongKe Xue wrote:
> Hi all,
>
> I'm using the iptables config from:
> http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-5.html
>
> Now, when I try that, apparently KDE and GNOME both refuse to start
> -- do they run some kind of server and then connect to it? How can I
> fix this?
>
> (Worked fine on RH9; but apparently refuses to work on FC2).
>
> To make it easier to respond; the section I'm referring to is:
>
> --BEGIN QUOTE--
> ## Insert connection-tracking modules (not needed if built into kernel).
> # insmod ip_conntrack
> # insmod ip_conntrack_ftp
>
> ## Create chain which blocks new connections, except if coming from inside.
> # iptables -N block
> # iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
> # iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
> # iptables -A block -j DROP
>
> ## Jump to that chain from INPUT and FORWARD chains.
> # iptables -A INPUT -j block
> --END QUOTE--
Just a quick note...I'm hoping that you realize that if you have that
exact snippet in your firewall script, there's nothing going on, at
all...all of the lines starting with # are effectively commented out.
--
Mike Burger
http://www.bubbanfriends.org
Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org
To be notified of updates to the web site, visit
http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a
message to:
site-update-request at bubbanfriends.org
with a message of:
subscribe
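
Added example, not part of the original message: the HOWTO prints each command after a "# " root prompt, so pasting the snippet verbatim into a script produces only comments, which is the point made in the reply above. The names audit_fw_script, FW_CMDS, sample_pasted and sample_fixed are made up for this illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag firewall-script lines that were
# pasted with the HOWTO's "# " root prompt and are therefore only comments.

# Commands expected in a firewall script (assumption; extend as needed).
FW_CMDS='iptables|insmod|modprobe'

# Reads a script on stdin, reports prompt-commented commands, and returns
# non-zero when no command would actually run.
audit_fw_script() {
    awk -v cmds="$FW_CMDS" '
        # one "#", whitespace, then a known command: a pasted prompt
        $0 ~ "^[ \t]*#[ \t]+(" cmds ")([ \t]|$)" {
            printf "line %d is a comment, not a command: %s\n", NR, $0
            commented++; next
        }
        # known command at the start of the line: this one executes
        $0 ~ "^[ \t]*(" cmds ")([ \t]|$)" { active++ }
        END {
            printf "active=%d prompt_commented=%d\n", active, commented
            exit (active == 0)
        }'
}

# The snippet quoted in the thread, exactly as it would sit in a script.
sample_pasted() {
    cat <<'EOF'
## Insert connection-tracking modules (not needed if built into kernel).
# insmod ip_conntrack
# insmod ip_conntrack_ftp
## Create chain which blocks new connections, except if coming from inside.
# iptables -N block
# iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
# iptables -A block -j DROP
## Jump to that chain from INPUT and FORWARD chains.
# iptables -A INPUT -j block
EOF
}

# Constructed counterpart: the same lines with the prompt removed.
sample_fixed() { sample_pasted | sed 's/^# //'; }

echo "== as pasted =="
sample_pasted | audit_fw_script || echo "=> nothing in this script would run"
echo "== prompt removed =="
sample_fixed | audit_fw_script
```

On a live system, listing the loaded rules with iptables -L -n -v confirms whether the script had any effect.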