Winbox on Linux with firewall active

On Debian 9 Linux I run Winbox under Wine with the firewall enabled, and it does not let me see the routers. If the firewall is disabled, Winbox lists the routers and allows access without problems. What should the iptables rule be to allow access?

#!/bin/bash

HOST="200.1.2.3"
ETH="eth0"

iptables -F
iptables -t nat -F
iptables -Z
# Default policies: -P takes the target directly, without -j
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

# Allow local (loopback) traffic
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Enable connection state tracking
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# --------------------------

# 1) Outbound HTTP, HTTPS and DNS
iptables -A OUTPUT -p tcp -m multiport --dports 80,443,53 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT

# 2) Outbound mail: POP3, IMAP, SMTP
iptables -A OUTPUT -p tcp -m multiport --dports 110,995 -j ACCEPT
iptables -A OUTPUT -p tcp -m multiport --dports 143,993 -j ACCEPT
iptables -A OUTPUT -p tcp -m multiport --dports 25,2525,465 -j ACCEPT

# 3) Inbound SSH
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# 4) Winbox
iptables -A INPUT -p tcp --sport 8291 -j ACCEPT

If the iptables rules are from the system where you want to run winbox, then rule 4) should actually be done for chain OUTPUT instead of INPUT (and dports instead of sports).

Actually, the way I’m reading this, his MAC-WINBOX is being blocked.

You should allow udp src.port 5678 so that the return traffic is allowed.

You should then see your routers.

Regards,


Sent from my cell phone. Sorry for the errors.

With these ports, after a long time I get an incomplete list of the connected routers in WINBOX (on Linux), and it only allows me to connect by IP, not by MAC.
What could I verify?

# 4
iptables -A INPUT -p udp --sport 5678 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 8291 -j ACCEPT
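
Added example, not part of the original thread: the two Winbox rules discussed above (TCP 8291 and UDP 5678), scoped so they open less than the bare versions, with a dry-run mode for reviewing the rules before applying them. LAN_IF, MGMT_NET and the function name are assumptions; 192.0.2.0/24 is a constructed placeholder subnet.

```bash
#!/bin/bash
# Added example, not from the thread. Ports 8291/tcp and 5678/udp are the ones
# discussed above; LAN_IF and MGMT_NET are assumed values, adjust to your network.
IPT="${IPT:-iptables}"                 # set IPT=echo for a dry run that prints the rules
LAN_IF="${LAN_IF:-eth0}"               # interface facing the routers (eth0 in the thread)
MGMT_NET="${MGMT_NET:-192.0.2.0/24}"   # constructed placeholder for the router subnet

winbox_client_rules() {
    # Winbox by IP: this host opens the TCP session, so the rule belongs in
    # OUTPUT and matches the destination port. The replies are accepted by the
    # ESTABLISHED,RELATED rule already present on INPUT.
    $IPT -A OUTPUT -o "$LAN_IF" -d "$MGMT_NET" -p tcp --dport 8291 \
         -m state --state NEW -j ACCEPT

    # Neighbor discovery: packets from UDP source port 5678, as suggested in
    # the thread. Broadcast announcements are not replies to a tracked
    # connection, so they need their own INPUT rule. Bind it to the
    # router-facing interface: a bare "--sport 5678" accept lets any host
    # reach every local UDP port simply by choosing that source port.
    $IPT -A INPUT -i "$LAN_IF" -p udp --sport 5678 -j ACCEPT
}

# Apply only when asked explicitly: ./winbox-rules.sh apply
if [ "${1:-}" = "apply" ]; then
    winbox_client_rules
fi
```

The same reasoning applies to the original rule 4): an INPUT accept on TCP source port 8291 does not help the client connect and exposes every local TCP port to any sender using that source port.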