Re: How to work with my iptables script
On 25 Aug 2004, Jacob Friis Larsen wrote:
> By the help of http://iptables-script.dk/ I have created the script below.
> Is this the correct way to work with it:
> - Store it in /root as myiptables
> - Make it executable
> - Run /root/myiptables
> - Run /etc/init.d/iptables save active
> And does it look ok?
It looks reasonably secure, for a small server, and your set of steps
You could increase security by limiting traffic to exclude forged or
invalid packets, and limit outbound traffic appropriately.
Logging would probably also be useful.
You may find that using a higher level tool, of which there are a wide
range in Debian, would make it easier to achieve this goal.
People of privilege will always risk their complete destruction
rather than surrender any material part of their advantage.
-- John Kenneth Galbraith, _The Age of Uncertainty_, 1977