I need help w/iptable rules

Question

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere

The above 'ACCEPT'-line is quiet confusing to me. Doesn't it mean, that I allow all incoming traffic? And if, how can I instead deny it?

How do I have to configure iptables, when I want to run an email server as well?

See http://serverfault.com/questions/189729/what-the-meaning-of-policy-accept-and-policy-drop-in-iptables — ott--, Dec 29 '11 at 20:17
And also Google, iptables is complex and there are hundreds of resources out there (http://www.techrepublic.com/article/linux-101-configuring-and-managing-iptables-to-improve-network-security/5997057). Try to crate a set of rules yourself and then ask the community for help debugging them (like this http://serverfault.com/questions/345111/iptables-target-to-route-packet-to-specific-interface). — msanford, Dec 29 '11 at 20:31

score 1 · Answer 1 · answered Dec 29 '11 at 20:30

When configuring your firewall, you can set default policy to accept all traffic and then deny unwanted ones. The other (more secure) one is to set the default policy to deny all traffic and accept the needed ones.

For your email services, you will usually need to open the port of SMTP, POP, and IMAP. You cna find many tutorials and howtos on configuring iptables

score 0 · Answer 2 · answered Dec 29 '11 at 20:42

0

CentOS has a great introduction to iptables in their documentation.

http://wiki.centos.org/HowTos/Network/IPTables

answered Dec 29 '11 at 20:42

Safado

4,726
7
35
53

Thank you both for your kind advice! I will check out the CentOS introduction then. :-) – Robert Frost Dec 29 '11 at 21:09

I need help w/iptable rules

2 Answers2