iptables:basic_firewall
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| iptables:basic_firewall [2016/10/20 19:00] – peter | iptables:basic_firewall [2019/11/29 16:38] (current) – removed peter | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== IPTables - Basic Firewall ====== | ||
| - | |||
| - | ===== Verify the IPTables package is installed ===== | ||
| - | |||
| - | <code bash> | ||
| - | dpkg --list | grep iptables | ||
| - | </ | ||
| - | |||
| - | Returns | ||
| - | |||
| - | < | ||
| - | ii iptables | ||
| - | </ | ||
| - | |||
| - | |||
| - | ===== Verify the Kernel Module is loaded ===== | ||
| - | |||
| - | <code bash> | ||
| - | lsmod | grep ip_tables | ||
| - | </ | ||
| - | |||
| - | Returns | ||
| - | |||
| - | < | ||
| - | ip_tables | ||
| - | </ | ||
| - | |||
| - | |||
| - | |||
| - | ===== Creating iptables rules ===== | ||
| - | |||
| - | <code bash> | ||
| - | iptables -P INPUT DROP | ||
| - | iptables -P OUTPUT DROP | ||
| - | |||
| - | # Allowing Loopback Traffic. | ||
| - | iptables -I INPUT -i lo -j ACCEPT | ||
| - | |||
| - | # Allow established connections. | ||
| - | iptables -A INPUT -m conntrack --ctstate ESTABLISHED, | ||
| - | |||
| - | # Allow SSH in. | ||
| - | # iptables -I INPUT -p tcp --dport 22 -j ACCEPT | ||
| - | iptables -A INPUT -p tcp --dport 22 -s 192.168.1.2 -j ACCEPT | ||
| - | |||
| - | # iptables -A INPUT -p tcp --dport 80 -j ACCEPT | ||
| - | # iptables -A INPUT -p tcp --dport 443 -j ACCEPT | ||
| - | |||
| - | # Loading the ip_conntrack_ftp module | ||
| - | |||
| - | # iptables -A INPUT -p tcp --dport 21 -j ACCEPT | ||
| - | # iptables -A INPUT -p tcp --dport 20 -j ACCEPT | ||
| - | |||
| - | |||
| - | |||
| - | </ | ||
| - | |||
iptables/basic_firewall.1476990048.txt.gz · Last modified: 2020/07/15 09:30 (external edit)