[WBEL-users] iptables - where and how to insert the rules ?
Mário Gamito
gamito@netual.pt
Fri, 03 Dec 2004 13:46:15 +0000
Hi,
Thank you for your answer.
It doesn't work.
/etc/sysconfig/iptables
# Machines authorized to access the development server.
-A INPUT -s 127.0.0.1 -j ACCEPT #loopback
-A INPUT -s 10.10.2.221 -j ACCEPT # Jardim
-A INPUT -s 10.10.2.222 -j ACCEPT # Dina
-A INPUT -s 10.10.2.223 -j ACCEPT # Filipe
-A INPUT -s 10.10.2.224 -j ACCEPT # Pedro
-A INPUT -s 10.10.2.225 -j ACCEPT # Vitor RJ45
-A INPUT -s 10.10.2.226 -j ACCEPT # Vitor WiFi
-A INPUT -s 10.10.2.227 -j ACCEPT # Gamito Intel 1Gb
-A INPUT -s 10.10.2.228 -j ACCEPT # Gamito laptop WiFi
-A INPUT -s 10.10.2.229 -j ACCEPT # Aragao
# Everyone else stays at the door :)
-A INPUT -s 10.10.2.0/24 -j DROP
/etc/init.d/iptables restart
[root@nau sysconfig]# /etc/init.d/iptables restart
Applying iptables firewall rules: iptables-restore: line 2 failed
[FAILED]
[root@nau sysconfig]#
What am I still doing wrong?
Any help would be appreciated.
Warm Regards.
Graham Purcocks wrote:
> That's because sysconfig/iptables is iptables dump format.
>
> such as
>
> -A INPUT -p tcp -j tcp_packets
>
>
> Mário Gamito wrote:
>
>> Hi,
>>
>> I'm currently running a development server based on WBEL, with a few
>> iptables rules, because I don't want anyone except the development
>> team to access it.
>>
>> Well, I have this executable, rc.firewall in /etc, being called from
>> /etc/rc.local
>>
>> I believe this is not the right thing (TM) to do, although it works.
>>
>> From what I saw in iptables ctl, the rules should be in
>> /etc/sysconfig/iptables, right?
>> But when I insert them in that file, I always get an error from
>> "/etc/init.d/iptables start", saying it doesn't recognize the text.
>>
>> Any help about how it should be done?
>>
>> Thank you.
>>
>> Warm Regards.
--
Mário Gamito
Systems administration and development
Netual - Multimédia e Telecomunicações, Lda.
Rua João Afonso, Nº1
3800-198 Aveiro - Portugal
Tel. +351 234 371 431 / Fax. +351 234 371 438
E-mail: gamito@netual.pt
www.netual.pt