Basic and simple iptables configurations for home users
Tuesday, 12 June 2007
OpenBSD has always been my preferred distribution when I have to install a firewall on a *NIX machine. PF rules are what I am used to seeing. But last year I had to write several configurations for a Debian machine using iptables, which I am not really used to. Since I tend to forget these things, I am pasting a basic configuration here; if you want to use it, paste it into your startup script of choice.
Configuration #1: Basic firewall accepting web, ssh and ftp
    # Delete tables
    iptables -F
    iptables -X

    # Default policies
    iptables -P INPUT DROP
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD DROP

    # Accept loopback (-i matches on INPUT, -o on OUTPUT)
    iptables -A INPUT -i lo -j ACCEPT
    iptables -A OUTPUT -o lo -j ACCEPT

    # Keep state for already established traffic
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Services we allow (web, ssh, ftp, icmp):
    iptables -A FORWARD -p tcp --dport 80 -j ACCEPT
    iptables -A FORWARD -p tcp --dport 22 -j ACCEPT
    iptables -A FORWARD -p tcp --dport 21 -j ACCEPT
    iptables -A FORWARD -p icmp -j ACCEPT

    # Pings to firewall (the only traffic INPUT accepts besides loopback):
    iptables -A INPUT -p icmp -j ACCEPT
Configuration #2: Only pings to firewall
    # Delete tables
    iptables -F
    iptables -X

    # Default policies
    iptables -P INPUT DROP
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD DROP

    # Keep state for already established traffic
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Pings to firewall:
    iptables -A INPUT -p icmp -j ACCEPT
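A pre-flight check for rule scripts like the two above, added here as an example and not part of the original post: it flags interface matches that iptables rejects for the chain they are used in, and a default-DROP INPUT chain with no state rule. The names `lint_rules` and `sample_rules` are hypothetical, the sample rules are constructed, and the second check is a heuristic.

```sh
#!/bin/sh
# lint_rules (hypothetical helper): read a script of iptables commands on
# stdin, print one finding per line, return 1 if anything was found.
lint_rules() {
    awk '
    $1 != "iptables" { next }            # ignore comments and other commands
    {
        chain = ""; has_i = 0; has_o = 0
        for (i = 2; i <= NF; i++) {
            if ($i == "-A" || $i == "-I") chain = $(i + 1)
            else if ($i == "-P") policy[$(i + 1)] = $(i + 2)
            else if ($i == "-i") has_i = 1
            else if ($i == "-o") has_o = 1
            else if (($i == "--state" || $i == "--ctstate") && $(i + 1) ~ /ESTABLISHED/)
                est[chain] = 1
        }
        # iptables refuses an input interface on chains that only see
        # outgoing packets, and an output interface on incoming-only chains.
        if (has_i && (chain == "OUTPUT" || chain == "POSTROUTING")) {
            printf "line %d: -i is not valid in %s (use -o)\n", NR, chain; bad++
        }
        if (has_o && (chain == "INPUT" || chain == "PREROUTING")) {
            printf "line %d: -o is not valid in %s (use -i)\n", NR, chain; bad++
        }
    }
    END {
        # Heuristic: with INPUT dropping by default and no state rule there,
        # replies to connections opened by the firewall itself never arrive.
        if (policy["INPUT"] == "DROP" && !est["INPUT"]) {
            print "INPUT: policy DROP without an ESTABLISHED,RELATED rule"; bad++
        }
        exit (bad > 0)
    }'
}

# Constructed sample input with a deliberate mistake on the OUTPUT line.
sample_rules() {
    cat <<'EOF'
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -i lo -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

sample_rules | lint_rules || echo "fix the findings above before loading the rules"
```

Run it against your own script with `lint_rules < yourscript.sh` before executing the script on a remote machine.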