Firewall - RedHat 7.3


Tanatz
09-17-2002, 08:04 PM
Ok, I'm trying to set up a Firewall, as explained in RedHat 7.3 for Dummies! ( shut up ).

So far, I've done successfully:
iptables --flush
iptables --flush -t nat
iptables -A OUTPUT -j ACCEPT -o lo
iptables -A INPUT -j ACCEPT -i lo


When I get to the next step:

iptables --policy INPUT -i eth0 DROP

and

iptables --policy OUTPUT -i eth0 DROP



I get an error message saying:

iptables v1.2.5: -P requires a chain and a policy.

I searched through iptables -h and it wasn't too clear. Anyone familiar with this problem?

windoze killa
09-17-2002, 08:12 PM
Originally posted by Tanatz
Ok, I'm trying to set up a Firewall, as explained in RedHat 7.3 for Dummies! ( shut up ).



Why would anybody say anything bad about that? They are much easier to read than man pages and how-to's. You don't have to have a PhD in Computer Science to read them.

I plan on buying that book very soon.

bwkaz
09-17-2002, 08:18 PM
Well I don't know what that book is smoking ( ;) ), but the syntax is more like this:

iptables -P INPUT DROP -i eth0

Without the "-i eth0" in between INPUT and DROP.

If that still doesn't work, then try removing the "-i eth0" altogether; the help isn't too clear if this is allowed for default policies or not. It'd do the same thing anyway (any specific rules you've set up, like the "-A INPUT -i lo -j ACCEPT" above, always override the default policy).

Tanatz
09-18-2002, 09:38 AM
OK, omitting the 'eth0' worked, but the next line gave me a new error:


iptables -A OUTPUT -m state -state NEW,RELATED,ESTABLISHED -j ACCEPT


gives me an error message along the lines of:

NEW,RELATED,ESTABLISHED being illegitimate or something.


Is there a more accurate walkthrough somewhere, or am I close? This seems to be the last mandatory line in creating the firewall.
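
Added example, not part of any post in this thread: a small shell lint for the two syntax problems the thread runs into, an interface option on a -P/--policy command and the single-dash "-state" where iptables expects "--state". The function name lint_rule and its short list of long options are assumptions of this example; the sample lines are the thread's commands followed by corrected forms.

```shell
#!/bin/sh
# lint_rule "<iptables command line>"
# Prints one diagnostic per problem found; returns 0 if clean, 1 otherwise.
lint_rule() {
    has_policy=0 iface_opt= status=0
    set -f                      # split on whitespace only, no glob expansion
    for word in $1; do
        case $word in
            -P|--policy) has_policy=1 ;;
            -i|--in-interface|-o|--out-interface) iface_opt=$word ;;
            # Long options typed with one dash (illustrative subset, not exhaustive).
            # Combined short flags such as -nvL are left alone.
            -state|-policy|-flush|-append|-jump|-dport|-sport)
                echo "'$word' is a long option and needs two dashes: '-$word'"
                status=1 ;;
        esac
    done
    set +f
    # A default policy applies to the whole chain, so -P accepts no interface.
    if [ "$has_policy" -eq 1 ] && [ -n "$iface_opt" ]; then
        echo "-P takes only a chain and a target; drop '$iface_opt <interface>'"
        status=1
    fi
    return "$status"
}

# First two lines are from the thread; last two are the corrected forms.
for r in \
    "iptables --policy INPUT -i eth0 DROP" \
    "iptables -A OUTPUT -m state -state NEW,RELATED,ESTABLISHED -j ACCEPT" \
    "iptables --policy INPUT DROP" \
    "iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT"
do
    if msg=$(lint_rule "$r"); then
        echo "ok:   $r"
    else
        echo "FAIL: $r"
        echo "      $msg"
    fi
done
```

The lint only reads strings, so it can be run without root before any rule is loaded.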