Iptables: Difference between revisions

iptables is a firewall program.

Simple example

here is a simple iptables example that allows ssh, http, and https, and not much else. It is a good starting point.

# Flush
iptables -F

# allow SSH/HTTP/HTTPS
iptables -A INPUT  -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT  -p tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT  -p tcp --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT

# Set default policies for INPUT, FORWARD and OUTPUT chains
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Set access for localhost
iptables -A INPUT -i lo -j ACCEPT

# Accept packets belonging to established and related connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

OpenVPN iptables scripts

For more examples of iptables scripts, you can visit the OpenVPN/Static Key page. More specifically:

• https://charlesreid1.com/wiki/OpenVPN/Static_Key#Server_Firewall_Script
• https://charlesreid1.com/wiki/OpenVPN/Static_Key#Client_Firewall_Script

Flags

linux networking all the pages for linux networking General networking in linux: Linux/Networking Diagnosing network interfaces: Linux/Network Interfaces Connecting to nodes with ssh: Linux/SSH Bridging networks with ssh tunnels: Linux/SSH Linux file server nfs/smb/sshfs: Linux/File Server Samba on linux: Linux/Samba Automounting network shares on linux: Linux/Automount Network Shares Monitoring system resources: Linux/System Monitoring Linux systemd: Linux/Systemd Linux networking services: Linux/Networking Services IP Schema (ipcalc): Linux/IP Schema DHCP Server: Linux/DHCP DNS Server: Linux/DNS NTP Server: Linux/NTP GNS3 Software Defined Networks: GNS3 Python Port Scanner: Python/Scanner Category:Networking  · Category:Wireless Flags  · Template:LinuxNetworkingFlag  · e