iptables problems

#this is my iptables
# Flushing all rules
/sbin/iptables -F
/sbin/iptables -X
# Setting default filter policy
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT DROP
/sbin/iptables -P FORWARD DROP
# Allow unlimited traffic on loopback
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
# Allow unlimited traffic on loopback
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
route add 192.168.1.100 reject
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 0/0 -j MASQUERADE
#this line for no connection for irc
/sbin/iptables -A FORWARD -p tcp -i eth1 -d 0/0 --dport 6000:7000 -j DROP
# Allow incoming outgoing only from specific IPs here
/sbin/iptables -A INPUT -p tcp -s 202.10.32.0/18 -d 192.168.0.200 --sport 1:65535 --dport 1:65535 -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -s 192.168.0.200 -d 202.10.32.0/18 --sport 1:65535 --dport 1:65535 -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -p tcp -s 122.102.48.0/21 -d 192.168.0.200 --sport 1:65535 --dport 1:65535 -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -s 192.168.0.200 -d 122.102.48.0/21 --sport 1:65535 --dport 1:65535 -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -p tcp -s 202.134.0.155 -d 192.168.0.200 --sport 1:65535 --dport 1:65535 -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -s 192.168.0.200 -d 202.134.0.155 --sport 1:65535 --dport 1:65535 -m state --state ESTABLISHED -j ACCEPT
# all of these IP ranges can access the server
/sbin/iptables -A INPUT -p tcp -s 192.168.0.0/24 --dport 1:65535 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -s 192.168.1.0/24 --dport 1:65535 -j ACCEPT
# make sure nothing comes or goes out of this box
/sbin/iptables -A INPUT -j DROP
/sbin/iptables -A OUTPUT -j DROP
==========================================================================================
My server IP is 192.168.0.200 = eth0
192.168.1.1 = eth1
I want to make all connections to some specific IPs only and drop all connections.
Only INPUT/OUTPUT connections to 202.10.32.0/18 122.102.48.0/21 202.134.2.5 202.134.0.155 192.168.0.0/24 192.168.1.0/24 can be made, and DROP to other IPs.
I have tried to set iptables, but all INPUT and OUTPUT connections get DROP. What's wrong with my iptables?

Administrator

I am who I am; wherever I live, that is where I am. I like to write in between my busy schedule, but when I am busy I cannot find the time to write.
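
As an added example (not part of the original post), this Python sketch models the INPUT and OUTPUT rules of the script above as first-match lists and checks both packets of a TCP connection, assuming the `--dport`/`--state` options load as written. The peer addresses 192.168.0.50 and 202.10.40.1, the rule tuple format and the function names are constructed for illustration.

```python
import ipaddress

# Constructed model of the TCP rules in the INPUT and OUTPUT chains of the script
# above. Ports are left out because every rule matches 1:65535, and the loopback
# rules are left out because they match on interface, not address.
# Rule format (assumption of this sketch): (source, destination, states, target).
ANY, SERVER = "0.0.0.0/0", "192.168.0.200"
REMOTE = ["202.10.32.0/18", "122.102.48.0/21", "202.134.0.155"]

INPUT = [(r, SERVER, {"NEW", "ESTABLISHED"}, "ACCEPT") for r in REMOTE] + [
    ("192.168.0.0/24", ANY, None, "ACCEPT"),
    ("192.168.1.0/24", ANY, None, "ACCEPT"),
    (ANY, ANY, None, "DROP"),
]
OUTPUT = [(SERVER, r, {"ESTABLISHED"}, "ACCEPT") for r in REMOTE] + [
    (ANY, ANY, None, "DROP"),
]


def _in(addr, net):
    # strict=False masks host bits as iptables does (202.10.32.0/18 -> 202.10.0.0/18)
    return ipaddress.ip_address(addr) in ipaddress.ip_network(net, strict=False)


def verdict(chain, src, dst, state, policy="DROP"):
    """First matching rule decides, as in iptables; otherwise the chain policy."""
    for r_src, r_dst, states, target in chain:
        if _in(src, r_src) and _in(dst, r_dst) and (states is None or state in states):
            return target
    return policy


def connection(peer, server_initiates=False):
    """Return (first packet verdict, reply verdict); reply is None if never sent."""
    if server_initiates:
        first = verdict(OUTPUT, SERVER, peer, "NEW")
        reply = verdict(INPUT, peer, SERVER, "ESTABLISHED")
    else:
        first = verdict(INPUT, peer, SERVER, "NEW")
        reply = verdict(OUTPUT, SERVER, peer, "ESTABLISHED")
    return first, (reply if first == "ACCEPT" else None)


if __name__ == "__main__":
    for peer, out in [("192.168.0.50", False), ("202.10.40.1", False),
                      ("202.10.40.1", True), ("202.134.2.5", False)]:
        print(peer, "server-initiated" if out else "inbound", connection(peer, out))
```

In this model a LAN client is accepted on INPUT but the reply falls through to the final OUTPUT DROP, and the server cannot open a connection even to a listed network because OUTPUT only accepts ESTABLISHED. 202.134.2.5 is named in the goal but has no rule, so it is dropped on INPUT.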

2 thoughts to “iptables problems”

  1. That's already gone, mbah. Only the top part has the drop; I didn't put one at the bottom. But it was still the same. Anyway, it's OK now: I'm using another method, not drop all but setting it in the routing. So for now the problem is solved.
