iptables problems

#this is my iptables
# Flushing all rules
/sbin/iptables -F
/sbin/iptables -X
# Setting default filter policy
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT DROP
/sbin/iptables -P FORWARD DROP
# Allow unlimited traffic on loopback
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
# Allow unlimited traffic on loopback
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
route add 192.168.1.100 reject
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 0/0 -j MASQUERADE

#this line for no connection for irc
/sbin/iptables -A FORWARD -p tcp -i eth1 -d 0/0 --dport 6000:7000 -j DROP

# Allow incoming outgoing only from specific IP here
/sbin/iptables -A INPUT -p tcp -s 202.10.32.0/18 -d 192.168.0.200 --sport 1:65535 --dport 1:65535 -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -s 192.168.0.200 -d 202.10.32.0/18 --sport 1:65535 --dport 1:65535 -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -p tcp -s 122.102.48.0/21 -d 192.168.0.200 --sport 1:65535 --dport 1:65535 -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -s 192.168.0.200 -d 122.102.48.0/21 --sport 1:65535 --dport 1:65535 -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -p tcp -s 202.134.0.155 -d 192.168.0.200 --sport 1:65535 --dport 1:65535 -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -s 192.168.0.200 -d 202.134.0.155 --sport 1:65535 --dport 1:65535 -m state --state ESTABLISHED -j ACCEPT
# all of these IP ranges can access the server
/sbin/iptables -A INPUT -p tcp -s 192.168.0.0/24 --dport 1:65535 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -s 192.168.1.0/24 --dport 1:65535 -j ACCEPT
# make sure nothing comes or goes out of this box
/sbin/iptables -A INPUT -j DROP
/sbin/iptables -A OUTPUT -j DROP

==========================================================================================
My server IP is 192.168.0.200 = eth0
192.168.1.1 = eth1
I want to allow connections to some specific IPs only and drop all other connections:
only INPUT/OUTPUT connections to 202.10.32.0/18 122.102.48.0/21 202.134.2.5 202.134.0.155 192.168.0.0/24 192.168.1.0/24 are allowed, and DROP for other IPs.

I have tried setting iptables, but all INPUT and OUTPUT connections get DROPped. What's wrong with my iptables?
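
An added example, not part of the original post or its comments: a shell script that generates an `iptables-restore` ruleset for the allowlist described in the post, accepting reply packets (ESTABLISHED,RELATED) in every chain before admitting NEW connections only from or to the listed addresses. The names `ALLOWED`, `LAN_IF` and `build_rules` are made up for this example, and it assumes that all protocols (not only TCP) are allowed to these hosts and that clients behind eth1 follow the same allowlist.

```shell
#!/bin/sh
# Added example (not the poster's script). Emits an iptables-restore ruleset
# for the allowlist in the post. Names below are made up for this example.
ALLOWED="202.10.32.0/18 122.102.48.0/21 202.134.2.5 202.134.0.155 192.168.0.0/24 192.168.1.0/24"
LAN_IF=eth1   # 192.168.1.1 in the post

build_rules() {
    # Policy DROP is the catch-all, so no trailing "-j DROP" rules are needed.
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT DROP [0:0]'
    printf '%s\n' '-A INPUT -i lo -j ACCEPT' '-A OUTPUT -o lo -j ACCEPT'
    # Reply packets must be accepted in both directions, otherwise a
    # connection admitted on INPUT dies when its answer hits OUTPUT.
    for chain in INPUT OUTPUT FORWARD; do
        printf '%s\n' "-A $chain -m state --state ESTABLISHED,RELATED -j ACCEPT"
    done
    # New connections only from/to allowlisted addresses. No "-p tcp":
    # assumption that UDP and ICMP to these hosts should pass as well.
    for net in $ALLOWED; do
        printf '%s\n' "-A INPUT -s $net -m state --state NEW -j ACCEPT"
        printf '%s\n' "-A OUTPUT -d $net -m state --state NEW -j ACCEPT"
        # Assumption: clients behind eth1 follow the same allowlist.
        printf '%s\n' "-A FORWARD -i $LAN_IF -d $net -m state --state NEW -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# Print for review by default; load atomically only with --apply (needs root).
if [ "${1:-}" = "--apply" ]; then
    build_rules | iptables-restore
else
    build_rules
fi
```

Only the filter table is replaced when the output is loaded; the nat MASQUERADE rules from the post are left as they are.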

2 thoughts on “iptables problems”

  1. Well, what do you expect, bro? At the end of your iptables you added
    /sbin/iptables -A INPUT -j DROP
    /sbin/iptables -A OUTPUT -j DROP
    so of course whatever was already opened automatically gets dropped again.

  2. Those are already gone, Mbah. Only the top part has the drop; none was put at the bottom. But it was still the same. Anyway, it's OK now: I'm using another approach, not drop all but setting it in routing. So the problem is solved for the time being.
