FX30S: wget fails unless delete iptables rules


#1

Hello,

I am unable to get a wget to succeed unless I delete the default iptables rules that are deployed as part of the image for the FX30S.

Is this how it is supposed to be? Doesn’t seem real useful if you can’t communicate out and get a response back.

What modifications to the rules are needed to make this work without just deleting the rules?

Thank you,
Mark


#2

Hi Mark,
This is by design. The FX30 and FX30S is purposefully shipped with the firewall highly secure. Every customer’s needs are different, so you will need to add specific firewall rules to suit your custom needs.

You’ll need a rule like this:
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

But you’ll need to ensure you add it before the rmnet_data0 DROP rule. The rules are located at: /etc/iptables.rules

BR,
Chris