[fw-wiz] Is the order of the rules entered in iptables important?

From: Kenny G. Dubuisson, Jr. (kdubuisson@kcmria.com)
Date: 08/01/02


From: "Kenny G. Dubuisson, Jr." <kdubuisson@kcmria.com>
To: <firewall-wizards@honor.icsalabs.com>
Date: Thu Aug  1 08:20:01 2002

Hello all. I'm new to the list. I have a quick question: does the order in
which rules are added for an iptables table matter? I have a firewall that
has a pre-built iptables script that runs on boot. Once the system boots,
I'm trying to add additional rules to the default chains but my rules are
not working. I was wondering if that is because the boot script has, as
it's last rule, a DENY target and since it was "entered" before my new
rules, the DENY is always hit first.

Thanks in advance,
Kenny



Relevant Pages

  • Re: Open Source Router with NAT
    ... Boot your favorite version of Linux, and install it. ... Make sure iptables is installed. ... This e-mail is classified as Mediterranean Smart Cards Company confidential and proprietary information The recipient hereby is committed to hold in strict confidence the contents of this and not to disclose to any third party without the prior written consent of Mediterranean Smart Cards Company. ...
    (Security-Basics)
  • Re: Iptables not running firewall script properly at boot
    ... > I'm running iptables 1.2.7a on RedHat 7.3. ... The bash script I ... > boot time. ... What does the "service iptables start" command say if it is ...
    (comp.os.linux.security)
  • Re: How can I sabotage all networking functionality in a fedora system?
    ... then give that to someone to boot their machine from. ... And you can't simply get them to unplug the network cable? ... Without knowing what network hardware is on the PC, ... iptables rules, so that only 127.0.0.1 can communicate with itself. ...
    (Fedora)
  • Re: iptables/firestarter
    ... want is for my web port rule to start every time I boot, ... Since I make all edits to my iptables ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)