help iptables-rules, plz

dear all,

i need to know does iptables do the inverse opr?
like this :
policy input accept
policy output accept
policy forward accept

and now :
iptables -A INPUT -i eth0 -s 10.1.1.1/32 -d 10.1.1.0/24 -p tcp --dport 139 -j ACCEPT

so how you evaluate this rule? does it allow any tcp?

many thanks for the help

Find more posts tagged with

Comments

bmack1082

rossonieri#1 wrote:

dear all,

i need to know does iptables do the inverse opr?
like this :
policy input accept
policy output accept
policy forward accept

and now :
iptables -A INPUT -i eth0 -s 10.1.1.1/32 -d 10.1.1.0/24 -p tcp --dport 139 -j ACCEPT

so how you evaluate this rule? does it allow any tcp?

many thanks for the help

That rule will allow the IP 10.1.1.1 incoming to your firewall to connect to any ip in the network of 10.1.1.0/24 over tcp139 (netbios session).

However, if that is your only rule, all other traffic will be allowed as well since your default input policy is allow

rossonieri#1

hello bmack,

thanks for the reply : )
done with iptables : )

but now - i'm facing a new problem : bandwidth management with HTB-tools - it seems doesnt works for me to limit/drop downloads from clients using download accelerator.
some said it has to be combined with squid - some didnt..

any suggestions?

cheers...