Linux Forums unreachable.

Ray Parrish crp at cmc.net
Tue Mar 2 21:59:00 UTC 2010


Amedee Van Gasse (ub) wrote:
> On Mon, March 1, 2010 04:13, Ray Parrish wrote:
>
>> Christopher Chan wrote:
>>
>>>> Just where did you get this automated firewall tool of yours?
>>>>
>>> It's a blooming ubuntu thing!
>>>
>>> Ray, given the like-minded thoughts about firestarter, I suggest ripping
>>> it out. You reset your firewall rules by following the following
>>> commands after you have disabled or removed firestarter in case
>>> disabling or removing does not do it for you.
>>>
>>> iptables -F
>>> iptables -P INPUT ACCEPT
>>> iptables -P OUTGOING ACCEPT
>>> iptables -P FORWARD ACCEPT
>>>
>>>       
>> Ok, the flush command broke my internet connection, and the rules you
>> have following it to bring it back up give only error messages. I had to
>> reboot to restore my net connection. I also tried adding a couple of
>> rules I found that I liked on a web page while reading search results
>> for iptables, and they tossed errors as well.
>>
>> Clearly I'm going to have to read man iptables thoroughly before I try
>> again.
>>     
>
> If those 4 commands (reset to default) broke your internet connection,
> then there is something really wrong with your computer. I'd consider a
> reinstall from scratch by now. Have you tried with a livecd already?
>
> Could you please give the errors that you got when you tried those commands?
>   
I could, if I could remember what they said, but I'm not going to rerun them
to find out. I think that after running the -F command, the next one
returned that there was no such chain, or something close to that.

There is nothing whatsoever wrong with my computer; it's running great
for days on end, and I now have access to all web sites, including
linuxforums.org. I would like to understand iptables better, however, and
will be reading up on it between bouts of programming and web
publishing as I find time.

I did an iptables-save, and got just three lines back, which I suppose 
is the base set of rules needed to access the net. I then ran this command -

      sudo iptables -I INPUT 1 -p tcp --syn -j DROP

to insert that rule as the first one, which basically says ignore any 
connection attempt that my computer did not initiate itself. That should 
keep me safe, as I have no reason whatsoever to connect to my computer 
remotely, and am running no services for outsiders to access either.

Later, Ray Parrish


-- 
Linux dpkg Software Report script set..
http://www.rayslinks.com/LinuxdpkgSoftwareReport.html
Ray's Links, a variety of links to useful things, and articles by Ray.
http://www.rayslinks.com
Writings of "The" Schizophrenic, what it's like to be a schizo, and other
things, including my poetry.
http://www.writingsoftheschizophrenic.com
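
Added example (not part of Ray's message or anyone's post in this thread): a dry-run check of the reset sequence quoted above, which replays the commands against a saved policy listing instead of the live firewall. The filter table's built-in chains are INPUT, FORWARD and OUTPUT, and -F deletes rules while leaving policies in place; the DROP policies in the sample are an assumption made for illustration, and preflight, SAMPLE_SAVE and FIXED_RESET are names made up here.

```shell
#!/bin/sh
# Constructed sample: filter-table policies in iptables-save format, ASSUMING
# the removed firewall front end left default-deny policies behind.
SAMPLE_SAVE=':INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]'

# The reset sequence exactly as quoted in the thread.
QUOTED_RESET='iptables -F
iptables -P INPUT ACCEPT
iptables -P OUTGOING ACCEPT
iptables -P FORWARD ACCEPT'

# Same intent, built-in chain names only, policies opened before the flush.
FIXED_RESET='iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F'

# preflight SAVE CMDS (hypothetical helper): replay CMDS against the policies
# in SAVE without touching the live firewall; print one finding per problem.
preflight() {
    printf '%s\n' "$2" | SAVE="$1" awk '
    BEGIN {
        nb = split("INPUT FORWARD OUTPUT", builtin, " ")
        n = split(ENVIRON["SAVE"], ln, "\n")
        for (i = 1; i <= n; i++)
            if (ln[i] ~ /^:/) { split(ln[i], f, " "); pol[substr(f[1], 2)] = f[2] }
    }
    $1 != "iptables" { next }
    $2 == "-P" {                      # only built-in chains have a policy
        ok = 0
        for (i = 1; i <= nb; i++) if (builtin[i] == $3) ok = 1
        if (ok) pol[$3] = $4
        else print "line " NR ": -P " $3 ": not a built-in filter chain"
    }
    $2 == "-F" && NF == 2 {           # flush removes rules, policies stay
        for (i = 1; i <= nb; i++)
            if (pol[builtin[i]] == "DROP")
                print "line " NR ": -F leaves " builtin[i] " empty under policy DROP"
    }
    END {                             # what the sequence leaves behind
        for (i = 1; i <= nb; i++)
            if (pol[builtin[i]] != "ACCEPT")
                print "end: " builtin[i] " policy is still " pol[builtin[i]]
    }'
}

preflight "$SAMPLE_SAVE" "$QUOTED_RESET"
```

On a real host the first argument would be the policy lines from iptables-save output captured before making changes.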






More information about the ubuntu-users mailing list