Hi all,

I set up my first firewall on my notebook (not running any services
reachable from outside) using iptables. Since I am new to the topic,
could you please verify if the output of 'iptables -L -v' is
considered to be a safe firewall? Thanks!

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  lo     any     anywhere             anywhere
    0     0 ACCEPT     all  --  eth0   any     anywhere             anywhere            state RELATED,ESTABLISHED
    0     0 REJECT     tcp  --  eth0   any     anywhere             anywhere            reject-with tcp-reset
    0     0 REJECT     udp  --  eth0   any     anywhere             anywhere            reject-with icmp-port-unreachable
    0     0 DROP       udp  --  eth0   any     anywhere             anywhere            udp spt:bootps
    0     0 LOG        all  --  eth0   any     anywhere             anywhere            LOG level warning prefix `INPUT '
    1    79 ACCEPT     all  --  wlan0  any     anywhere             anywhere            state RELATED,ESTABLISHED
    0     0 REJECT     tcp  --  wlan0  any     anywhere             anywhere            reject-with tcp-reset
    0     0 REJECT     udp  --  wlan0  any     anywhere             anywhere            reject-with icmp-port-unreachable
    0     0 DROP       udp  --  wlan0  any     anywhere             anywhere            udp spt:bootps
    0     0 LOG        all  --  wlan0  any     anywhere             anywhere            LOG level warning prefix `INPUT '

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 LOG        all  --  any    any     anywhere             anywhere            LOG level warning prefix `FORWARD '
    0     0 LOG        all  --  any    any     anywhere             anywhere            LOG level warning prefix `FORWARD '

Chain OUTPUT (policy ACCEPT 5 packets, 1691 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  any    lo      anywhere             anywhere
    0     0 LOG        all  --  any    eth0    anywhere             anywhere            LOG level warning prefix `OUTPUT '
    1    52 LOG        all  --  any    wlan0   anywhere             anywhere            LOG level warning prefix `OUTPUT '
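
A rule-ordering check for a listing like the one above, as an added example that is not part of the original post: iptables walks a chain top to bottom and stops at the first ACCEPT, DROP or REJECT that matches, so a rule placed after a broader terminating rule is never reached. The sample rows are constructed from the post's INPUT chain; `parse`, `catch_all` and `shadowed` are hypothetical helper names, and treating a rule without match options as a catch-all is a simplifying assumption.

```python
import re

# Constructed sample: lo/eth0 rows of the post's INPUT chain, wrapped rows rejoined.
LISTING = """\
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
    0     0 ACCEPT all -- lo any anywhere anywhere
    0     0 ACCEPT all -- eth0 any anywhere anywhere state RELATED,ESTABLISHED
    0     0 REJECT tcp -- eth0 any anywhere anywhere reject-with tcp-reset
    0     0 REJECT udp -- eth0 any anywhere anywhere reject-with icmp-port-unreachable
    0     0 DROP udp -- eth0 any anywhere anywhere udp spt:bootps
    0     0 LOG all -- eth0 any anywhere anywhere LOG level warning prefix `INPUT '
"""
TERMINATING = {"ACCEPT", "DROP", "REJECT"}  # LOG hands the packet to the next rule

def parse(listing):
    """Return {chain: [rule, ...]}; rules are numbered from 1 within each chain."""
    chains, current = {}, None
    for line in listing.splitlines():
        header = re.match(r"Chain (\S+) ", line)
        if header:
            current = chains.setdefault(header.group(1), [])
        elif current is not None and re.match(r"\s*\d+\w?\s+\d+\w?\s", line):
            f = line.split(None, 9)  # pkts bytes target prot opt in out src dst extra
            current.append({"num": len(current) + 1, "target": f[2], "prot": f[3],
                            "in": f[5], "out": f[6], "src": f[7], "dst": f[8],
                            "extra": f[9] if len(f) > 9 else ""})
    return chains

def catch_all(r):
    # Assumption (simplified): a terminating rule with no match options, only
    # target options such as reject-with, takes every packet of its protocol.
    return (r["target"] in TERMINATING and r["src"] == r["dst"] == "anywhere"
            and (not r["extra"] or r["extra"].startswith("reject-with")))

def shadowed(chains):
    """Return (chain, rule number, earlier rule that always matches first)."""
    found = []
    for name, rules in chains.items():
        for i, later in enumerate(rules):
            hit = next((e["num"] for e in rules[:i] if catch_all(e)
                        and e["prot"] in (later["prot"], "all")
                        and e["in"] in (later["in"], "any")
                        and e["out"] in (later["out"], "any")), None)
            if hit:
                found.append((name, later["num"], hit))
    return found

if __name__ == "__main__":
    print(shadowed(parse(LISTING)))
```

On the sample it reports INPUT rule 5 (DROP udp spt:bootps) as hidden behind rule 4, while the LOG rule stays reachable for traffic that is neither TCP nor UDP, such as ICMP.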