iptables --flush confusion
Simon P. Ditner
simon-tlug-GaisZHhRk3c at public.gmane.org
Sun May 31 13:29:39 UTC 2009
Ah, it turns out that I had set the INPUT policy to DROP, so that when I
did the --flush, there were no longer any rules for letting traffic in.
I had however thought that --flush included everything, rules, policies,
nat, and such. But now I know better.
-spd
On Sat, 30 May 2009, Aviss,Tyler wrote:
> Flush clears the firewall rules, although for NAT I believe you need "--flush
> -t nat"
>
> I assume you're connecting to the WAN IP, but maybe a leftover NAT rule is
> redirecting your connection, or the daemon you're connecting to doesn't listen
> on that port/IP? You could test with "tcplisten" or possibly "nc" for
> connections.
>
>
>
> (sent from my phone, so please excuse the typos)
>
> On 30-May-09, at 2:22 PM, simon-tlug-GaisZHhRk3c at public.gmane.org wrote:
>
>> I have a router set up to do NAT that's using iptables, with
>> net.ipv4.ip_forward=1, and I'm somewhat confused why when I do an 'iptables
>> --flush', I'm no longer able to connect to it from another device that is
>> on the same subnet that the 'wan' interface is on.
>>
>> Does anyone know why this is? Am I misunderstanding what it is that --flush
>> does, or some other basic networking concept?
>>
>> Cheers,
>> spd
>> --
>> The Toronto Linux Users Group. Meetings: http://gtalug.org/
>> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
>> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
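The behaviour this thread arrives at, as an added example that is not part of the original messages: `iptables --flush` with no `-t` removes the rules in the filter table only, leaving chain policies and the nat table in place. The ruleset below is constructed sample data in iptables-save format, and the function names are hypothetical; the reset commands are printed, not executed.

```shell
#!/bin/sh
# Constructed sample ruleset (iptables-save format), not taken from the thread.
SAMPLE_RULESET='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT'

# Simulate `iptables --flush` with no -t: rule lines (-A) in the filter
# table are dropped; policies and every other table are left untouched.
simulate_flush() {
    awk '/^\*/ { table = substr($0, 2) }
         table == "filter" && /^-A / { next }
         { print }'
}

# List built-in chains whose policy is not ACCEPT, as "table chain policy".
# User-defined chains carry "-" instead of a policy and are skipped.
restrictive_policies() {
    awk '/^\*/ { table = substr($0, 2) }
         /^:/ && $2 != "ACCEPT" && $2 != "-" { print table, substr($1, 2), $2 }'
}

# Print the commands for a full reset of every table in the ruleset.
# Policies are opened first so a remote session is not cut off mid-reset,
# then rules are flushed (-F) and user-defined chains deleted (-X).
full_reset_commands() {
    awk '/^\*/ { t = substr($0, 2) }
         /^:/ && $2 != "-" { print "iptables -t " t " -P " substr($1, 2) " ACCEPT" }
         /^COMMIT/ { print "iptables -t " t " -F"; print "iptables -t " t " -X" }'
}

# Stand-alone run: show what is still restrictive after a plain flush.
printf '%s\n' "$SAMPLE_RULESET" | simulate_flush | restrictive_policies
```

After the simulated flush, INPUT and FORWARD still drop everything and the MASQUERADE rule is still present, which matches the lockout described in the thread.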