i think ive messed up my ip table rules

[KidVicious]

Quote:

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

anything out of the ordinary?

[bodhi.zazen]

We can not tell without more information.

What are you trying to accomplish with iptables ? What do you want to accept and what do you want to reject ?

What problem are you having or what makes you think something is wrong ?

Please post the output of

Code:

iptables -L -v -n

As you line "ACCEPT all -- anywhere anywhere " could be anything from accept all traffic on the lo interface to accept all traffic from everywhere.

Same as with your forward chain, we really can not tell why you are rejecting, they accepting, then dropping, and finally accepting all.

[flyingfsck]

Hmm, another important point to ponder, is that the rules are processed in order, top down. So in general, adding a new rule at the bottom of the list, will not do anything at all, if the packet is already be accepted by another rule above.

While fooling around and learning, you can flush all the rules with: iptables -F

[KidVicious]

Quote:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
6593 7761K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
16 1140 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT ah -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT esp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:500
26 4424 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 state NEW udp dpt:5353
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:631
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:137
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:138
5 489 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 5163 packets, 543K bytes)
pkts bytes target prot opt in out source destination

theres the output..
Im just trying to learn how stuff wokrs with trial and error .

[flyingfsck]

That is cool. Just try a few rules at a time and flush them when you mess up.

If you read the iptables man page about ten times, it will eventually begin to make some sense...

[KidVicious]

thnx for the help. !