I'm having a hard time deciphering iptables rules. Would any of these rules cause a "sendto: operation not permitted" error?

bunbun:~# iptables --list
Chain INPUT (policy DROP)
target prot opt source destination
ipac_in all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
LOG all -- 127.0.0.0/8 anywhere LOG level warning
DROP all -- 127.0.0.0/8 anywhere
ACCEPT all -- anywhere 255.255.255.255
ACCEPT all -- 10.0.0.0/24 anywhere
LOG !tcp -- anywhere 224.0.0.0/4 LOG level warning
DROP !tcp -- anywhere 224.0.0.0/4
LOG all -- 10.0.0.0/24 anywhere LOG level warning
DROP all -- 10.0.0.0/24 anywhere
ACCEPT all -- anywhere 255.255.255.255
LOG all -- anywhere anywhere LOG level warning
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ipac_in all -- anywhere anywhere
ipac_out all -- anywhere anywhere
ACCEPT all -- 10.0.0.0/24 anywhere
LOG all -- anywhere 10.0.0.0/24 LOG level warning
DROP all -- anywhere 10.0.0.0/24
LOG all -- anywhere anywhere LOG level warning
DROP all -- anywhere anywhere

Chain OUTPUT (policy DROP)
target prot opt source destination
ipac_out all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere 255.255.255.255
ACCEPT all -- anywhere 10.0.0.0/24
ACCEPT !tcp -- anywhere 224.0.0.0/4
LOG all -- anywhere 10.0.0.0/24 LOG level warning
DROP all -- anywhere 10.0.0.0/24
ACCEPT all -- anywhere 255.255.255.255
LOG all -- anywhere anywhere LOG level warning
DROP all -- anywhere anywhere

The ipac_in and ipac_out rules consist only of LOG targets, so I haven't included them.

cheers,
rob


--
Decisions terminate panic.

This is random quote 417 of a collection of 1255

Distance from the centre of the brewing universe:
[15200.8 km (8207.8 mi), 262.8 deg](Apparent) Rennerian

Public Key fingerprint = 6219 33BD A37B 368D 29F5 19FB 945D C4D7 1F66 D9C5

--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
