[Tfug] tfug Digest, Vol 39, Issue 40

[Paul Scott]

Felix Tilley wrote:
>  > > Does anyone here use IPtables as a firewall?
>   
What do you actually mean by that?  Do you mean as compared to 
ipchains?  What distro are you running?  

Did you generate the script you sent by hand or did some other piece of 
software generate it (shorewall, firestarter)?    
> EOL means I cannot send it to this list because some lines are over
> 76 characters long.
>   
Ok.  There should be only a couple of broken lines here.  This is just 
the output of:

iptables -L

on this system.  Part or all of it may have been generated by 
kmyfirewall which I haven't completely figured out yet.  I am going to 
try firestarter or shorewall as soon as I finish downloading something.  
Currently this setup doesn't allow ssh to this machine.  This is a new 
installation of Debian sid due to some hardware problems.  The previous 
installation did allow ssh.

Chain INPUT (policy DROP)
target     prot opt source               destination        
ACCEPT     icmp --  anywhere             anywhere            limit: avg 
5/sec burst 5 icmp echo-request
LOG        tcp  --  anywhere             anywhere            limit: avg 
1/sec burst 5 tcp dpt:ssh LOG level warning prefix `Rule SSH_tcp: '
ACCEPT     tcp  --  anywhere             anywhere            limit: avg 
1/sec burst 5 tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www
ACCEPT     tcp  --  anywhere             anywhere            multiport 
dports netbios-ns,netbios-dgm,netbios-ssn
ACCEPT     all  --  anywhere             anywhere            state 
RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere            limit: avg 
5/sec burst 5 LOG level warning prefix `KMF: '

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Paul