I'm adding some custom rules to Bastille's netfilter firewall.  I've added
these rules:

        # Accept all connections to pop server
        # from my remote IP

        ${IPTABLES} -A PUB_IN -m tcp -p tcp -i ppp+ -s ${RIP} --sport 11110 \
            -d ${SIP} --dport 110 -j ACCEPT

        # Accept all connections to sshd server
        # from my remote IP

        ${IPTABLES} -A PUB_IN -m tcp -p tcp -i ppp+ -s ${RIP} --sport 22 \
            -d ${SIP} --dport 22 -j ACCEPT

The rules run without error.  However when I run iptables -L PUB_IN to see
the rules listing:

Chain PUB_IN (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere           tcp spt:11110
ACCEPT     tcp  --  anywhere             anywhere           tcp spt:ssh

Shouldn't the source and destination show the ip addresses I've entered in
$RIP and $SIP?

Neil Watson


Iptables Help needed

Post by Neil Wats » Fri, 08 Jun 2001 02:14:47

I'm a little closer now:

My rules look like this:

ACCEPT     tcp  --  xxx.xxx.xxx.xxx/24      my.domain   tcp spt:xxx
ACCEPT     tcp  --  xxx.xxx.xxx.xxx/24      my.domain   tcp spt:xxx

It appears to be OK.  However, when I remove the xxx ports from the
Public Access list in Bastille and enter these rules at the beginning
of the PUB_IN chain, I cannot get access :(

Any ideas?

Neil Watson
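Two things in the rules above are worth checking before blaming the chain order, and the following script is an added example (not code from the posts or from Bastille) that does both. First, the "anywhere" in the first listing is how iptables -L prints 0.0.0.0/0, which is what you get when -s/-d are fed an empty ${RIP} or ${SIP}; the script refuses to emit a rule unless both are set. Second, a POP3 or ssh client connects from an ephemeral port chosen by its own kernel, not from port 11110 or 22, so --sport 11110 / --sport 22 on an inbound rule matches no real client; the script drops the --sport match and keeps the -s/-d/--dport restriction. IPTABLES, RIP, SIP and PUB_IN are the names used in the posts; the default of IPTABLES="echo iptables" and the 192.0.2.x / 198.51.100.x addresses are assumptions so the script can be dry-run without root or netfilter.

```shell
#!/bin/sh
# Added example, not from the posts or from Bastille: build the two
# PUB_IN rules with the variables checked before use and without the
# client source-port match.  IPTABLES, RIP, SIP, PUB_IN are the names
# the posts use; IPTABLES defaulting to "echo iptables" is an assumption
# so this can be dry-run (it prints the commands instead of running them).

IPTABLES="${IPTABLES:-echo iptables}"

# Emit one ACCEPT rule for TCP port $1 on $SIP coming from $RIP.
# If either variable is empty, return 1 instead of emitting anything:
# an unset variable expands to nothing, and a rule that ends up without
# -s/-d matches "anywhere", which is what the posted listing showed.
# (set -u at the top of the real script makes the shell abort instead.)
accept_from_remote() {
    port="$1"
    if [ -z "$RIP" ] || [ -z "$SIP" ]; then
        echo "RIP or SIP is empty; not emitting a rule for port $port" >&2
        return 1
    fi
    # No --sport: the client's source port is ephemeral, so a rule that
    # demands --sport <service port> (e.g. --sport 22) drops real clients.
    $IPTABLES -A PUB_IN -p tcp -m tcp -i ppp+ \
        -s "$RIP" -d "$SIP" --dport "$port" -j ACCEPT
}

# The two rules from the post: POP3 (110) and sshd (22).
# Returns non-zero if either rule could not be emitted.
rules_for_remote() {
    accept_from_remote 110 &&
    accept_from_remote 22
}

# Dry run, e.g.:  RIP=192.0.2.10 SIP=198.51.100.5 sh pubin-rules.sh
rules_for_remote || echo "set RIP and SIP, then re-run" >&2
```

Run it with RIP and SIP exported to see the exact commands, then set IPTABLES=/sbin/iptables to apply them. When checking the result, list the chain with iptables -n -v -L PUB_IN: -n prints 0.0.0.0/0 and port numbers instead of "anywhere" and service names, and -v shows the ppp+ interface match, which plain iptables -L hides.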


