Simple iptables Firewall
    #!/bin/bash

    # Set default policy
    iptables -P INPUT DROP
    iptables -P OUTPUT DROP
    iptables -P FORWARD DROP

    # Flush existing rules
    iptables -F -t nat
    iptables -F -t mangle
    iptables -F -t filter
    iptables -X

    # Allow localhost traffic
    iptables -A INPUT -i lo -j ACCEPT
    iptables -A OUTPUT -o lo -j ACCEPT

    # Allow related traffic
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Allow outgoing traffic
    iptables -A OUTPUT -j ACCEPT

    # Log & Drop the rest
    # (LOG must come before DROP: DROP ends rule traversal, LOG does not)
    iptables -A INPUT -j LOG --log-prefix "INPUT "
    iptables -A INPUT -j DROP
    iptables -A FORWARD -j LOG --log-prefix "FORWARD "
    iptables -A FORWARD -j DROP

    # Show ruleset
    iptables -L -vnx
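A rule appended after an unconditional DROP in the same chain is never evaluated, so a LOG rule only produces output when it sits before the DROP it accompanies. The following check is an added example, not part of the original page: it reads rules in `iptables -S` format and reports any rule shadowed by an earlier unconditional terminating rule. The function names `find_shadowed_rules` and `sample_rules` are hypothetical, and the sample ruleset is constructed.

```bash
#!/bin/bash
# Added example: find rules that can never match because an earlier rule in
# the same chain jumps unconditionally to ACCEPT, DROP or REJECT.
# Input: rule lines in `iptables -S` format on stdin.
find_shadowed_rules() {
    awk '
        $1 != "-A" { next }    # skip -P policy lines and anything else
        {
            chain = $2
            if (chain in closed) {
                printf "%s: unreachable after \"%s\": %s\n", chain, closed[chain], $0
                next
            }
            # "-A <chain> -j <target>" with no match options before -j
            # applies to every packet; a terminating target closes the chain.
            if ($3 == "-j" && ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT"))
                closed[chain] = $0
        }
    '
}

# Constructed sample ruleset: INPUT logs before dropping, FORWARD has the
# LOG rule after the DROP, so FORWARD traffic is dropped without a log entry.
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j LOG --log-prefix "INPUT "
-A INPUT -j DROP
-A FORWARD -j DROP
-A FORWARD -j LOG --log-prefix "FORWARD "
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -j ACCEPT
EOF
}

# Run the check on the constructed sample.
sample_rules | find_shadowed_rules
```

On a live host the same function can be fed with `iptables -S | find_shadowed_rules` (run as root); no output means no shadowed rules were found in the filter table.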
simple-iptables-firwall.1506164197.txt.gz · Last modified: 2017/09/23 12:56 by baumi