iptablesrocks.org - FAQ
home
|
syntax & structure
|
examples
|
faq
|
contact
|
links
Frequently Asked Questions
●
How can I view my current iptables ruleset?
●
How do I import an iptables script into my server's iptables ruleset?
●
How do I export my server's iptables rulset to flat iptables script?
●
How can I open up a port on my firewall?
●
How can I close a port on my firewall?
●
How can I completely block a host from reaching my server?
●
How can I block a host from a specific port on my server, while allowing access to all other ports?
●
How can I make mty firewall start up automatically when my server is booted?
●
I've installed the iptablesrocks.org firewall and it's working, but now I cannot telnet to my server! What's wrong?
●
I've already installed the Qmailrocks.org qmail install on my server. How should my iptables firewall config look?
Q:
How can I view my current iptables ruleset?
A:
The command "iptables -L" will display your server's current iptables ruleset.
Q:
How do I import an iptables script into my server's iptables ruleset?
A:
The command "iptables-restore < /path/to/firewall_script" will import a flat file iptables script into the server's ruleset.
Q
: How do I export my server's iptables rulset to flat iptables script?
A:
The command "iptables-save > /path/to/firewall_script" will export the current iptables ruleset to a flat file called "firewall_script".
Q
: I've installed the iptablesrocks.org firewall and it's working, but now I cannot telnet to my server! What's wrong?
A:
The iptablesrocks.org firewall does not allow telnet connections on port 23 by default. Whty? Simple. Telnet is dumb and totally insecure. Don't use
it. If you've been using telnet in the past to connect to your server, it's time to grow up and start using SSH instead. However, if you insist on using
telnet, you can simply
add a rule
to your firewall script to allow connections on port 23 (telnet).
Q
: I've already installed the Qmailrocks.org qmail install on my server. How should my iptables firewall config look?
A:
If you've installed qmail according to
qmailrocks.org
, the default iptablesrocks firewall configuration should work just fine with one exception. You
will want to
add a rule
to open port 783 both on the INPUT and OUTPUT chains so that Spamassassin can work.
home
|
syntax & structure
|
examples
|
faq
|
contact
|
links
Site last modified:
February 13, 2004 15:27:51
http://www.iptablesrocks.org/faq/ [2/13/2004 8:04:44 PM]