IP-Tables

IP-Tables For Linux

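# IPv4 host firewall: a short allow-list per chain, then drop everything else.
# Run as root. iptables filters IPv4 only; IPv6 traffic needs equivalent
# ip6tables rules or it stays unfiltered.
#
# Rules in a chain are checked top to bottom and the first terminating match
# wins. Each chain therefore carries exactly ONE catch-all DROP, and it is the
# last rule appended. A catch-all DROP placed earlier makes every later rule
# in that chain unreachable (including the ESTABLISHED,RELATED rule, which
# would block the replies to this host's own DNS/HTTP/SSH requests).

# Address of this host, used by the ICMP rules below.
SERVER_IP="10.150.61.75"

# Remove all existing rules from the filter table. -F does not touch chain
# policies: if a policy is already DROP, flushing over a remote session cuts
# that session before the ACCEPT rules below are added. Apply from a console,
# or load the whole set in one step with iptables-restore.
iptables -F

# Loopback: local services talk to each other over 127.0.0.1. Without these
# two rules the catch-all DROPs below also block that traffic.
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

#### OUTPUT: connections this host may open

# Packets belonging to connections that are already established.
iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT    # HTTP
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT    # DNS over UDP
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT    # SSH
iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT   # HTTPS

#### Allow or enable outgoing ping request (echo-request out, echo-reply in)

iptables -A OUTPUT -p icmp --icmp-type 8 -s "$SERVER_IP" -d 0/0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

#### INPUT: traffic this host accepts

# Replies to connections opened from this host, plus related traffic. Kept
# first so that return traffic is matched before any port rule.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Echo replies to our own pings; already covered by the rule above, kept
# explicit so the ping pair reads as a unit.
iptables -A INPUT -p icmp --icmp-type 0 -s 0/0 -d "$SERVER_IP" -m state --state ESTABLISHED,RELATED -j ACCEPT

# Inbound services. Every line here is reachable from any source address;
# keep only the ports this host really serves, and consider limiting SSH to
# a management network with -s <MGMT_NETWORK_PLACEHOLDER>.
iptables -A INPUT -p tcp --dport 22 -j ACCEPT     # SSH
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT    # HTTPS
iptables -A INPUT -p tcp --dport 80 -j ACCEPT     # HTTP
# Explicit block for the database port from the network. The final DROP would
# catch it anyway; the rule documents that 5432 must never be opened here.
iptables -A INPUT -p tcp --dport 5432 -j DROP

#### Enable or allow ICMP ping incoming client request
# Disabled. If enabled, these lines must stay ABOVE the catch-all DROPs.

#iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -d "$SERVER_IP" -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
#iptables -A OUTPUT -p icmp --icmp-type 0 -s "$SERVER_IP" -d 0/0 -m state --state ESTABLISHED,RELATED -j ACCEPT

#### Catch-all: anything not accepted above is dropped. Must remain last.

iptables -A OUTPUT -j DROP
iptables -A INPUT -j DROP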

#/root iptables save

#iptables -L -v

#iptables -F
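# NOTE: these rules match on the SOURCE port only and keep no connection
# state, so any packet whose sender sets source port 80 or 53 is accepted.
# A state match (ESTABLISHED,RELATED) is the safer way to admit reply traffic.
#iptables -A INPUT -p tcp --sport 80 -j ACCEPT
#iptables -A INPUT -p udp --sport 53 -j ACCEPT
#iptables -A INPUT -j DROP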

#######################################################

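# NOTE: -I inserts at the TOP of the chain, so running these three commands in
# this order leaves the DROP as rule 1 and nothing is forwarded. Use -A, or
# reverse the order, so that the DROP ends up last.
#iptables -I FORWARD -p tcp --dport 80 -j ACCEPT
#iptables -I FORWARD -p udp --sport 53 -j ACCEPT
#iptables -I FORWARD -j DROP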

#######################################################
