[WBEL-users] Iptables Not Working

Ed Morrison emorrison@ncen.org
Thu, 15 Jul 2004 15:29:20 -0700


Thanks Ed.  I got it going with this script:

#!/bin/bash

# Make sure the iptables module is loaded (modprobe also pulls in
# anything ip_tables depends on; insmod needs the module path)
modprobe ip_tables

# Flush any existing rules in the INPUT chain.  FORWARD and OUTPUT
# are left alone, and the INPUT policy stays at its default, ACCEPT
iptables -F INPUT

# Block the spammers' source addresses.  These rules come first so a
# packet from one of them is dropped before any ACCEPT rule below
iptables -A INPUT -s 24.20.253.108 -j DROP
iptables -A INPUT -s 69.145.105.154 -j DROP
iptables -A INPUT -s 4.11.196.79 -j DROP
iptables -A INPUT -s 80.202.20.7 -j DROP
iptables -A INPUT -s 137.164.158.14 -j DROP
iptables -A INPUT -s 201.129.85.142 -j DROP
iptables -A INPUT -s 24.19.7.146 -j DROP
iptables -A INPUT -s 66.44.140.103 -j DROP


# Allow other traffic.  While the catch-all DROP at the bottom stays
# commented out, the INPUT policy (ACCEPT) already lets everything
# else through, so these rules only take effect once that DROP is
# enabled.  Before enabling it, also accept loopback traffic (-i lo)
# and replies to connections this host opened itself
# (-m state --state ESTABLISHED,RELATED), or outbound DNS lookups,
# relayed mail and the like will have their replies dropped.
# iptables -A INPUT -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT    # SMTP
iptables -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT   # POP3
iptables -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT   # IMAP
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT    # HTTP
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT    # SSH
iptables -A INPUT -p tcp -m tcp --dport 106 -j ACCEPT   # poppassd
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT   # HTTPS
# POP3S is TCP only; the udp rule matches nothing but is harmless
iptables -A INPUT -p udp -m udp --dport 995 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 995 -j ACCEPT   # POP3S


# Drop all other traffic (disabled for now; see the note above)
# iptables -A INPUT -j DROP


-----Original Message-----
From: Ed [mailto:ekg@tricity.wsu.edu] 
Sent: Thursday, July 15, 2004 2:10 PM
To: Ed Morrison
Cc: whitebox-users@beau.org
Subject: Re: [WBEL-users] Iptables Not Working

Ed Morrison wrote:
> Hi Everyone,
> 
> I'm having a problem with my iptables not working.  Below is my iptables
> file.  If someone could show me what it is I am doing wrong I would
> surely appreciate it.  This is running on WBEL 3.0 and it is my mail
> server.  I have spammers sending directly to it and need to drop those
> packets....
> 
> 
> Thank you,
> 
> Ed

I usually find it easier to put my iptables commands in a script and run
the script to setup the firewall.  It usually gives more informative 
error messages that way. :-)  The only other suggestion is to try DROP 
instead of REJECT in line 22.

   Ed

> 
> 
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A INPUT -i lo  -j ACCEPT
> -A INPUT -s 24.20.253.108 -j DROP
> -A INPUT -s 69.145.105.154 -j DROP
> -A INPUT -s 4.11.196.79 -j DROP
> -A INPUT -s 80.202.20.7 -j DROP
> -A INPUT -s 137.164.158.14 -j DROP
> -A INPUT -s 201.129.85.142 -j DROP
> -A INPUT -s 24.19.7.146 -j DROP
> -A INPUT -s 66.44.140.103 -j DROP
> -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 106 -j ACCEPT
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT
> -A INPUT -m state --state NEW -m tcp -p udp --dport 995 -j ACCEPT
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> COMMIT
> 
> 
> If I run: service iptables start I receive this error:
> 
> # service iptables start
> Flushing firewall rules: [  OK  ]
> Setting chains to policy ACCEPT: filter [  OK  ]
> Unloading iptables modules: [  OK  ]
> Applying iptables firewall rules: iptables-restore: line 23 failed
> [FAILED]
> 
> It doesn't like the COMMIT line.  
> 
> If I remove the COMMIT, I see this when I start iptables:
> 
> # service iptables start
> Flushing firewall rules: [  OK  ]
> Setting chains to policy ACCEPT: filter [  OK  ]
> Unloading iptables modules: [  OK  ]
> Applying iptables firewall rules: [  OK  ]
> 
> 
> 
> And yet when I run: iptables -L -v   to verify that the tables loaded
> none of the rules show up:
> 
> Chain INPUT (policy ACCEPT 1753 packets, 296K bytes)
>  pkts bytes target     prot opt in     out     source     destination
> 
> 
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>  pkts bytes target     prot opt in     out     source     destination
> 
> 
> Chain OUTPUT (policy ACCEPT 1820 packets, 293K bytes)
>  pkts bytes target     prot opt in     out     source     destination
> 
> 
> _______________________________________________
> Whitebox-users mailing list
> Whitebox-users@beau.org
> http://beau.org/mailman/listinfo/whitebox-users
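As an added example (editor's code, not from the thread or from WBEL): iptables-restore reads the whole table and hands it to the kernel in one step at COMMIT, so a rule the kernel refuses is reported as "line N failed" with N being the COMMIT line, not the line of the bad rule. In the file posted above, COMMIT is line 23 and the rule that mixes "-m tcp" with "-p udp" is line 21. The shell lint below finds that class of rule and prints its real line number. The function name lint_ruleset and the sample ruleset are constructed for this example; the sample is trimmed from the posted file, so its bad rule falls on line 10 instead of 21.

```shell
#!/bin/sh
# Lint an iptables-save style ruleset (the format of /etc/sysconfig/iptables)
# for rules whose "-p" protocol disagrees with a "-m tcp" or "-m udp" match.
# The kernel rejects such a rule, and iptables-restore reports the failure
# against the COMMIT line; this prints the line of the offending rule.

# Constructed sample, trimmed from the thread's ruleset: the bad rule is
# line 10 here.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 24.20.253.108 -j DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p udp --dport 995 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# lint_ruleset: read a ruleset on stdin and print "LINE: reason" for every
# -A rule that loads -m tcp or -m udp with a different (or missing) -p, plus
# a warning when there is no COMMIT, since iptables-restore then loads
# nothing and still exits successfully.  Exit 0 if clean, 1 otherwise.
lint_ruleset() {
    awk '
    /^-A / {
        proto = ""; mtcp = 0; mudp = 0
        for (i = 1; i < NF; i++) {
            if ($i == "-p" || $i == "--protocol") proto = $(i + 1)
            if ($i == "-m" || $i == "--match") {
                if ($(i + 1) == "tcp") mtcp = 1
                if ($(i + 1) == "udp") mudp = 1
            }
        }
        if (mtcp && proto != "tcp") {
            printf "%d: -m tcp with -p %s\n", NR, (proto == "" ? "(none)" : proto)
            bad = 1
        }
        if (mudp && proto != "udp") {
            printf "%d: -m udp with -p %s\n", NR, (proto == "" ? "(none)" : proto)
            bad = 1
        }
    }
    /^COMMIT$/ { commit = 1 }
    END {
        if (!commit) {
            print "no COMMIT line: iptables-restore will load nothing"
            bad = 1
        }
        exit (bad ? 1 : 0)
    }'
}

# Stand-alone run: report the problems in the sample ruleset.
printf '%s\n' "$SAMPLE_RULES" | lint_ruleset \
    || echo "ruleset rejected (exit status $?)"
```

Run it as `lint_ruleset < /etc/sysconfig/iptables` before `service iptables start`; a clean file prints nothing and exits 0. It only checks the tcp/udp match against the protocol, which is the mistake in this thread, not every reason the kernel can refuse a rule.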