Reply To: Firewall rules

Forums Network Management ZeroShell Firewall rules Reply To: Firewall rules


@ppalias wrote:

Failure in login doesn’t have to do with the firewall. If you can see the login screen, then the firewall is allowing the traffic. However what may happen is to see the login screen cached, in which case you cannot understand that it is blocked by the firewall. Best solution is to watch the counters of the iptables with the command

iptables -L -v

to see if the blocked packets or the accept packets raise when you try to connect.

thanks for reply but I hope I found the solution for failure login.
I create INPUT and OUTPUT rules to allow to use services in the Zeroshell:
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
The Reason for that because of using DROP target:
iptables -F
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP


iptables -A INPUT -m state –state ESTABLISHED, RELATED -j ACCEPT
iptables -A FORWARD -m state –state ESTABLISHED, RELATED -j ACCEPT
iptables -A OUTPUT -m state –state NEW,ESTABLISHED, RELATED -j / ACCEPT
So hopefully it will helps me
Anyway thanks a lot