This is the iptables rule set on my laptop:
Code:
#!/bin/bash
#Filter
iptables -F
iptables -X
iptables -Z
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p TCP -i wlan0 --dport 23 -j ACCEPT
iptables -A INPUT -i wlan0 -j DROP
iptables -A INPUT -p TCP -i tap0 --dport 23 -j ACCEPT
iptables -A INPUT -i tap0 -j DROP
#Nat
iptables -t nat -F
iptables -t nat -X
iptables -t nat -Z
iptables -P POSTROUTING DROP -t nat
iptables -P OUTPUT ACCEPT -t nat
iptables -P PREROUTING ACCEPT -t nat
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o wlan0 -j ACCEPT
With these rules, my desktop and the guest system (XP) of vbox on the laptop can telnet to my laptop. The laptop couldn't get any websites to work (including MSN, etc.), but the guest system could. If I use "iptables -A INPUT -i wlan0 -j ACCEPT" instead of "iptables -A INPUT -i wlan0 -j DROP", the laptop's network works well. Is there any problem if I use "iptables -A INPUT -i wlan0 -j DROP"? Can anybody point it out for me? Thanks.
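Added example, not part of the original post: a small first-match model of the posted INPUT chain, run over constructed packets, showing which rule a reply to the laptop's own outbound connection hits and how a conntrack ESTABLISHED,RELATED accept placed before the per-interface DROP changes the verdict. The rule-table format, the function names and the sample packets are assumptions made for the illustration; the script never calls iptables.

```shell
#!/bin/sh
# First-match model of the INPUT chain from the post (illustration only).
# Rule fields, "*" = any:
#   in-interface  protocol  dport  conntrack-state  target
ORIGINAL='lo * * * ACCEPT
wlan0 tcp 23 * ACCEPT
wlan0 * * * DROP
tap0 tcp 23 * ACCEPT
tap0 * * * DROP'

# Same chain with replies to existing connections accepted before the DROPs,
# modelling: iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
STATEFUL='lo * * * ACCEPT
* * * ESTABLISHED ACCEPT
* * * RELATED ACCEPT
wlan0 tcp 23 * ACCEPT
wlan0 * * * DROP
tap0 tcp 23 * ACCEPT
tap0 * * * DROP'

# field_matches RULE_VALUE PACKET_VALUE
field_matches() { [ "$1" = "*" ] || [ "$1" = "$2" ]; }

# verdict RULES IFACE PROTO DPORT STATE -> prints the target of the first
# matching rule, or the chain policy when nothing matches.
verdict() {
    while read -r r_if r_proto r_dport r_state r_target; do
        if field_matches "$r_if" "$2" && field_matches "$r_proto" "$3" &&
           field_matches "$r_dport" "$4" && field_matches "$r_state" "$5"; then
            echo "$r_target"
            return 0
        fi
    done <<EOF
$1
EOF
    echo DROP   # chain policy from the post: iptables -P INPUT DROP
}

# Constructed packets arriving on wlan0. Forwarded traffic is evaluated in
# the FORWARD chain and never reaches INPUT, so it is not modelled here.
echo "web reply to laptop, original: $(verdict "$ORIGINAL" wlan0 tcp 40000 ESTABLISHED)"
echo "web reply to laptop, stateful: $(verdict "$STATEFUL" wlan0 tcp 40000 ESTABLISHED)"
echo "new telnet, stateful:          $(verdict "$STATEFUL" wlan0 tcp 23 NEW)"
echo "new tcp/445, stateful:         $(verdict "$STATEFUL" wlan0 tcp 445 NEW)"
```

With the stateful chain, unsolicited new connections on wlan0 other than telnet still end at the DROP rule; only packets belonging to connections the laptop already has open are let through.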