You shouldn't need the out rule; until a firewall is applied,
everything is accepted.
However, the simple rule is protocol any action accept.  That should
do it if you want to be thorough :-)

Justin

On Jan 28, 2008 7:28 AM, Nathan McBride <[EMAIL PROTECTED]> wrote:
> Hey guys,
>
> I just installed Vyatta and have it working. (big step for me)
> But I'm having some trouble.  I first wanted to know if I should
> make the firewall using Vyatta's commands or just iptables?
> I tried iptables and it didn't seem to work. I added a rule to allow ssh
> but ssh couldn't go through.  So then I made one in Vyatta.  Denied
> ping, enabled ssh, then applied it to the wan interface.  Well that
> killed all network traffic so looking through the manual I saw that when
> I applied the IN rule for the interface I guess the out rule
> automatically got a deny everything since I didn't apply a rule to it.
> So, I needed to add a related and established rule to the in for the wan
> interface.  I did (this is from memory):
>
> set firewall name eth0-in rule 1 action accept
> set firewall name eth0-in rule 1 state established enable
> set firewall name eth0-in rule 1 state related enable
>
> Then I was going to commit this but commit gave an error saying that
> protocol needed to be icmp.  Once I had set that it errored saying
> protocol needed to be tcp...  I'm really confused but I need to get a
> firewall up.
>
> Once this is done I was going to make a rule for out on the wan interface
> to allow everything to go out.  Is there a simple rule for this?
>
> Thanks,
> Nate
>
>
> _______________________________________________
> Vyatta-users mailing list
> Vyatta-users@mailman.vyatta.com
> http://mailman.vyatta.com/mailman/listinfo/vyatta-users
>
>