Q:
How can I view my current iptables ruleset?
A: The command "iptables -L" will display
your server's current iptables ruleset.
Q:
How do I import an iptables script into my server's iptables ruleset?
A: The command "iptables-restore < /path/to/firewall_script"
will import a flat file iptables script into the server's ruleset.
Q:
How do I export my server's iptables ruleset to a flat iptables script?
A: The command "iptables-save > /path/to/firewall_script"
will export the current iptables ruleset to a flat file called "firewall_script".
Q:
I've installed the
iptablesrocks.org firewall and it's working, but now I cannot telnet
to my server! What's wrong?
A: The iptablesrocks.org firewall does not allow telnet
connections on port 23 by default. Why? Simple. Telnet is dumb and
totally insecure. Don't use it. If you've been using telnet in the past
to connect to your server, it's time to grow up and start using SSH
instead. However, if you insist on using telnet, you can simply add
a rule to your firewall script to allow connections on port 23 (telnet).
Q:
I've already installed
the Qmailrocks.org qmail install on my server. How should my iptables
firewall config look?
A: If you've installed qmail according to qmailrocks.org,
the default iptablesrocks firewall configuration should work just fine
with one exception. You will want to add
a rule to open port 783 both on the INPUT and OUTPUT chains so that
Spamassassin can work.
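
The two answers above both come down to which ports a flat firewall script accepts. The following is an added example, not part of the iptablesrocks.org firewall: a shell check to run on a script before importing it with "iptables-restore". The sample ruleset is constructed, the function names are hypothetical, and the check assumes rules in "iptables-save" format with single-port TCP "--dport" matches.

```shell
#!/bin/sh
# Added example: audit an iptables-save style flat file before importing it.

# Constructed sample ruleset (NOT the real iptablesrocks.org script).
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 783 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 783 -j ACCEPT
COMMIT
EOF
}

# port_accepted CHAIN PORT: reads a ruleset on stdin and returns 0 when
# CHAIN contains a single-port TCP rule for PORT whose target is ACCEPT.
port_accepted() {
    awk -v chain="$1" -v port="$2" '
        $1 == "-A" && $2 == chain {
            tcp = 0; dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p" && $(i + 1) == "tcp") tcp = 1
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (tcp && dport == port && target == "ACCEPT") found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# audit_ruleset FILE: prints one line per finding and returns non-zero
# when port 783 is missing from INPUT or OUTPUT, or telnet is allowed in.
audit_ruleset() {
    rc=0
    for chain in INPUT OUTPUT; do
        if ! port_accepted "$chain" 783 < "$1"; then
            echo "missing: tcp/783 on $chain"; rc=1
        fi
    done
    if port_accepted INPUT 23 < "$1"; then
        echo "warning: telnet (tcp/23) allowed on INPUT"; rc=1
    fi
    return $rc
}
```

Source the file and run "audit_ruleset /path/to/firewall_script"; a silent zero exit means port 783 is open on both chains and telnet is not accepted.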