[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [opensuse-security] Custom iptables command doesn't work as expected
Hans-Peter Jansen wrote:
I try to use an iptables command in conjunction with SuSEfirewall2
(version 3.6.295 on openSUSE 12.2, kernel-desktop-3.4.47-2.38.1.x86_64).
Using it standalone, it works as expected:
iptables -t nat -A OUTPUT -p tcp --dport 1935 -m owner \! --uid-owner root -j REDIRECT
If this iptables command is integrated in
it doesn't work anymore: rtmpsuck doesn't detect any streams.
Your problem is probably not related to OUTPUT but to INPUT. Check
"SuSEfirewall2 status" before and after running your program. Compare the
packet counters. The packets in question might have been dropped so
some drop rule should have increased it's counter.
SuSEfirewall2 non-default settings (LAN-client):
The yes and no settings are an attempt to fix the issue in question.
If eth0 and eth1 are your only interfaces a firewall config like the
above one doesn't make much sense really. Just switch it off to avoid
all the problems.
(o_ Ludwig Nussel
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx