FossaPup seems to have support for legacy iptables.
I edited /etc/ppp/firewall-standalone, setting EXTIF=wlan0
Code:
# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT
# iptables -P FORWARD DROP
#
# iptables -F FORWARD
# iptables -F INPUT
# iptables -F OUTPUT
#
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
#
# sh /etc/ppp/firewall-standalone
#
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
LOG udp -- anywhere anywhere udp dpts:0:1023 LOG level warning
LOG tcp -- anywhere anywhere tcp dpts:0:1023 LOG level warning
DROP udp -- anywhere anywhere udp dpts:0:1023
DROP tcp -- anywhere anywhere tcp dpts:0:1023
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
DROP icmp -- anywhere anywhere icmp echo-request
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
#
iptables seems to be setting the rules.
I don't know if the rules are actually doing anything.
EDIT: I tested by adding a rule to drop all tcp packets. It effectively blocked the links browser.
To see other iptables commands that are available, type iptables
then press the TAB key 2 or 3 times.
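
A way to check whether the loaded rules are matching traffic without blocking anything is to read the per-rule packet counters. This is an added example, not part of the original post; the function names and the sample counters (including the wlan0 column) are constructed for illustration.

```shell
#!/bin/sh
# Added example: read `iptables -L INPUT -v -n -x` output on stdin and
# report which rules have matched packets (-x gives exact counters).

# Constructed sample output; counters and interface are made up.
sample_output() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 1520 packets, 183044 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      12      936 LOG        udp  --  wlan0  *       0.0.0.0/0            0.0.0.0/0            udp dpts:0:1023 LOG flags 0 level 4
      12      936 DROP       udp  --  wlan0  *       0.0.0.0/0            0.0.0.0/0            udp dpts:0:1023
       0        0 LOG        tcp  --  wlan0  *       0.0.0.0/0            0.0.0.0/0            tcp dpts:0:1023 LOG flags 0 level 4
       0        0 DROP       tcp  --  wlan0  *       0.0.0.0/0            0.0.0.0/0            tcp dpts:0:1023
       3      180 LOG        tcp  --  wlan0  *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x17/0x02 LOG flags 0 level 4
       3      180 DROP       tcp  --  wlan0  *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x17/0x02
       0        0 DROP       icmp --  wlan0  *       0.0.0.0/0            0.0.0.0/0            icmptype 8
EOF
}

# Print "HIT|IDLE <pkts> <target> <prot> <match text>" for each rule line.
rule_hits() {
    awk '
        $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ {
            state = ($1 > 0) ? "HIT" : "IDLE"
            text = ""
            for (i = 10; i <= NF; i++) text = text " " $i
            printf "%s %s %s %s%s\n", state, $1, $3, $4, text
        }'
}

# Count rules that have not matched any packet since counters were reset.
count_idle() {
    rule_hits | awk '$1 == "IDLE" { n++ } END { print n + 0 }'
}

# Live use (as root): iptables -L INPUT -v -n -x | rule_hits
sample_output | rule_hits
```

Counters are cumulative; `iptables -Z INPUT` resets them before a test.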