[WBEL-users] iptables - where and how to insert the rules ?

Mário Gamito gamito@netual.pt
Fri, 03 Dec 2004 13:46:15 +0000


Hi,

Thank you for your answer.

It doesn't work.
/etc/sysconfig/iptables

# Machines authorized to access the development server.
-A INPUT -s 127.0.0.1 -j ACCEPT #loopback
-A INPUT -s 10.10.2.221 -j ACCEPT # Jardim
-A INPUT -s 10.10.2.222 -j ACCEPT # Dina
-A INPUT -s 10.10.2.223 -j ACCEPT # Filipe
-A INPUT -s 10.10.2.224 -j ACCEPT # Pedro
-A INPUT -s 10.10.2.225 -j ACCEPT # Vitor RJ45
-A INPUT -s 10.10.2.226 -j ACCEPT # Vitor WiFi
-A INPUT -s 10.10.2.227 -j ACCEPT # Gamito Intel 1Gb
-A INPUT -s 10.10.2.228 -j ACCEPT # Gamito laptop WiFi
-A INPUT -s 10.10.2.229 -j ACCEPT # Aragao

# Everyone else stays at the door :)
-A INPUT -s 10.10.2.0/24 -j DROP


/etc/init.d/iptables restart

[root@nau sysconfig]# /etc/init.d/iptables restart
Applying iptables firewall rules: iptables-restore: line 2 failed
                                                            [FAILED]
[root@nau sysconfig]#

What am I still doing wrong?

Any help would be appreciated.

Warm Regards.

Graham Purcocks wrote:
> That's because sysconfig/iptables is iptables dump format.
> 
> such as
> 
> -A INPUT -p tcp -j tcp_packets
> 
> 
> Mário Gamito wrote:
> 
>> Hi,
>>
>> I'm currently running a development server based on WBEL, with a few 
>> iptables rules, because I don't want anyone except the development 
>> team to access it.
>>
>> Well, I have this executable, rc.firewall in /etc, being called from 
>> /etc/rc.local
>>
>> I believe this is not the right thing (TM) to do, although it works.
>>
>> From what I saw in iptables ctl, the rules should be in 
>> /etc/sysconfig/iptables, right?
>> But when I insert them in that file, I always get an error from 
>> "/etc/init.d/iptables start", saying it doesn't recognize the text.
>>
>> Any help about how it should be done ?
>>
>> Thank you.
>>
>> Warm Regards.


-- 
Mário Gamito
Systems administration and development
Netual - Multimédia e Telecomunicações, Lda.
Rua João Afonso, Nº1
3800-198 Aveiro - Portugal
Tel. +351 234 371 431 / Fax. +351 234 371 438
E-mail: gamito@netual.pt
www.netual.pt
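
The "line 2 failed" error in the message above is consistent with how iptables-restore reads its input: rule lines are accepted only between a `*table` header and `COMMIT`, and only lines that begin with `#` are comments. The following is an added example, not part of the original thread, that checks a file for that structure; `lint_restore`, `POSTED` and `FIXED` are names invented here, and the ACCEPT default policies in `FIXED` are an assumption.

```python
# Added example: structural lint for the iptables-save/iptables-restore dump format.
def lint_restore(text):
    """Return [(line_number, problem)]; rule syntax itself is not validated."""
    problems, table = [], None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank lines and full-line comments are skipped
        if line.startswith("*"):          # "*filter" opens a table
            if table:
                problems.append((n, f"{line} opened before COMMIT of *{table}"))
            table = line[1:]
        elif line == "COMMIT":            # COMMIT closes and applies the table
            if not table:
                problems.append((n, "COMMIT outside a table"))
            table = None
        else:                             # ":CHAIN policy" or "-A ..." line
            if table is None:
                problems.append((n, "rule or chain line before a *table header"))
            if not line.startswith(":") and " #" in line:   # simple heuristic
                problems.append((n, "trailing '#' text is parsed as arguments"))
    if table:
        problems.append((n, f"*{table} has no COMMIT"))
    return problems

# Constructed from the first and last lines of the file in the post.
POSTED = """\
# Machines authorized to access the development server.
-A INPUT -s 127.0.0.1 -j ACCEPT #loopback
-A INPUT -s 10.10.2.221 -j ACCEPT # Jardim
-A INPUT -s 10.10.2.0/24 -j DROP
"""

# Same rules in dump format (assumed: filter table, default ACCEPT policies).
FIXED = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# loopback
-A INPUT -s 127.0.0.1 -j ACCEPT
-A INPUT -s 10.10.2.221 -j ACCEPT
-A INPUT -s 10.10.2.0/24 -j DROP
COMMIT
"""

if __name__ == "__main__":
    for name, text in (("posted", POSTED), ("fixed", FIXED)):
        print(name, lint_restore(text) or "ok")
```

On a real host, `iptables-restore --test < file` parses a file with the actual tool without committing the rules.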