Achim Gerber wrote:
> ip:~/bin # cat logiptables
> #!/bin/sh
>
> iptables -v -A INPUT -j ACCEPT
> iptables -v -A OUTPUT -j ACCEPT
> iptables -v -A FORWARD -j ACCEPT
>
> tail -f /var/log/messages | grep AJK >> ~achim/log/log.txt &
(Interesting to have tail -f in a script, then go to background. Does
this have the intended effect of new entries in /var/log/messages being
appended to your log file forever?)
Your display of iptables -L shows you accepting everything everywhere.
You might want to add:
iptables -F
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
into your script.
iptables -L -v would show you what is matching your chains, but given
that you're accepting everything everywhere, iptables shouldn't be the issue.
Note that a more secure firewall would deny by default, permitting only
the things you *know* you want, but in troubleshooting mode you often
have to start from the other direction.
>
> somehow I have the impression that only loading the module ip_tables
> cuts me out.
Why do you think that? When you're locked out in ssh, can you or
someone do an
iptables -L -n -v to see if there are rules that are denying you?
Also, can you get someone to unload iptables modules to see if that gets
you unlocked?
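The check suggested in the reply above (reading `iptables -L -n -v` for anything that denies traffic), as an added example that is not part of the original post: it lists chains whose default policy is not ACCEPT and every DROP/REJECT rule with its packet counter. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Reads `iptables -L -n -v` output on stdin and reports what can deny traffic:
# built-in chains with a non-ACCEPT policy, and rules whose target is DROP/REJECT.
find_blocking_rules() {
    awk '
    $1 == "Chain" {
        chain = $2
        # Built-in chains print "(policy X N packets, M bytes)";
        # user-defined chains print "(N references)" and have no policy.
        if ($3 == "(policy" && $4 != "ACCEPT")
            printf "%s policy %s pkts=%s\n", chain, $4, $5
        next
    }
    $1 == "pkts" || NF == 0 { next }      # column header and blank lines
    $3 == "DROP" || $3 == "REJECT" {
        # Columns: pkts bytes target prot opt in out source destination [match]
        extra = ""
        for (i = 10; i <= NF; i++) extra = extra " " $i
        printf "%s rule target=%s pkts=%s src=%s dst=%s%s\n", \
               chain, $3, $1, $8, $9, extra
    }'
}

# Constructed sample listing (not taken from the poster's machine).
sample_listing() {
    cat <<EOF
Chain INPUT (policy DROP 12 packets, 720 bytes)
 pkts bytes target     prot opt in     out     source               destination
  340 28560 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  eth0   *       192.0.2.0/24         0.0.0.0/0            tcp dpt:22
   57  3420 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 410 packets, 51200 bytes)
 pkts bytes target     prot opt in     out     source               destination
EOF
}

sample_listing | find_blocking_rules
```

On the affected host, run `iptables -L -n -v | find_blocking_rules` as root from the console; a non-zero `pkts` value on a reported line means that rule or policy has actually matched traffic.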