Completely botched iptables... Help!

Question

Completely botched iptables... Help!

networking

Heya. I am very new to all of this and after months of ongoing iptables problems, my attempts to "fix" things have finally wrecked… everything.

While I can access my node using Lish, I can't ssh into the server (timeout). Or ping it. Or access web stuff on port 80.

I've tried to flush iptables and ip6tables rules/restore them to the most "basic" setup, but now I am completely lost.

Right now "sudo iptables -L -nv" in Lish returns:

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0            /* Allow loopback connections */
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            /* Allow Ping to work as expected */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 22,80

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Where do I go from here?

Thanks in advance.

1 Reply

forum:emestee · Answer 1 · Nov. 17, 2017, 4:22 a.m.

forum:emestee 6 years, 5 months ago

first reset the policy on INPUT and FORWARD to ACCEPT; a policy in iptables lingo is simply what happens when none of the rules in the chain match

iptables -P INPUT ACCEPT

iptables -P FORWARD ACCEPT

Then clean your INPUT chain:

iptables -F INPUT

You now have a clean firewall ruleset.

Compute

Storage

Databases

Networking

Developer Tools

Delivery

Security

Services

Industries

Pricing

Community

Engage With Us

Completely botched iptables... Help!

1 Reply

Reply

Tips: