Re: [squid-users] iptables stops pinging

From: ankush grover <ankushsquid@dont-contact.us>
Date: Sat, 26 Jan 2008 18:15:49 +0530

>
> Flushing firewall rules: [ OK ]
> Setting chains to policy ACCEPT: filter nat [ OK ]
> Unloading iptables modules: [FAILED]
> Applying iptables firewall rules: [ OK ]
> Loading additional iptables modules: nf_conntrack_netbios_n[ OK ]
>
> So if I try to ping (any public IP) from a client PC after
> enabling iptables, I get request time out, but I can browse websites
> without any problem, and if I disable iptables I can get a reply from
> the (public IP) I am pinging and browsing also works. I also
> checked DNS resolution; it works perfectly, as browsing works.
>
> So I would like to know the reason ping stops working
> after enabling iptables and why I am getting Unloading iptables
> modules FAILED.
>

Hi Yogesh,

You need to allow ICMP traffic so that you can ping the outside hosts.

$IPTABLES -A INPUT -p icmp --icmp-type echo-request -s 192.168.1.0/24 -d 0/0 -j ACCEPT

$IPTABLES -A INPUT -p icmp --icmp-type echo-reply -s 192.168.0.0/24 -d 0/0 -j ACCEPT

It would be better to set a limit on the ICMP requests/replies per
second to avoid DoS attacks.

For the unloading iptables modules error, you need to check whether any
messages/errors appear in /var/log/messages.

Regards

Ankush
Received on Sat Jan 26 2008 - 05:45:54 MST
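
Added example (not part of the original message and not from its author): the per-second ICMP limit suggested in the reply, written as a shell function that prints rules in iptables-restore format. The function names, the chain choice, the 192.168.1.0/24 subnet and the 5/second, burst 10 values are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: emit rate-limited ICMP rules in iptables-restore format.
# Chain, LAN subnet, rate and burst are assumed sample values, not taken
# from the original mail.

# Accept only a dotted-quad CIDR shape such as 192.168.1.0/24.
valid_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# icmp_rules CHAIN LAN_CIDR RATE BURST
# CHAIN is INPUT (pings addressed to this host) or FORWARD (pings routed
# through this host on behalf of LAN clients).
icmp_rules() {
    chain=$1 lan=$2 rate=$3 burst=$4
    case $chain in INPUT|FORWARD) ;; *) echo "bad chain: $chain" >&2; return 1 ;; esac
    valid_cidr "$lan" || { echo "bad CIDR: $lan" >&2; return 1; }
    cat <<EOF
*filter
# Replies to pings that were let out are matched by connection tracking.
-A $chain -p icmp -m state --state ESTABLISHED,RELATED -j ACCEPT
# Echo requests from the LAN, capped at $rate with a burst of $burst.
-A $chain -p icmp --icmp-type echo-request -s $lan -m limit --limit $rate --limit-burst $burst -j ACCEPT
# Anything over the limit is dropped instead of falling through.
-A $chain -p icmp --icmp-type echo-request -s $lan -j DROP
COMMIT
EOF
}

# Dry run: print the rules. Pipe into "iptables-restore --noflush" to apply.
if [ "${1:-}" = "--print" ]; then
    icmp_rules FORWARD 192.168.1.0/24 5/second 10
fi
```

Run with `--print` to review the generated rules before loading them; nothing is applied to the running firewall by the script itself.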
