
Re: Help w/ Iptable Rules



I'd suggest just a simple thing like this:

# default policies: drop inbound and forwarded, accept outbound
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# accept inbound SSH
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

That drops everything except ssh incoming on port 22,
and allows all outputs.

That's what you wanted :)


--- fbrian@nac.net wrote:
> Hi
> 
> I need help w/ simple iptables rules.
> 
> Needs:
> 	to only allow ssh packets in and they would be over an
> 	ethernet interface.
> 
> 	allow all outbound traffic
> 
> Rule set I am working with.
> 
> 
>      iptables -N block
>      iptables -A block -p tcp --syn --destination-port 22 -j ACCEPT
>      iptables -A block -p tcp --syn -j DROP
>      iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
>      iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
>      iptables -A block -j DROP
> 
> 
>      iptables -A INPUT -j block
>      iptables -A FORWARD -j block
> 
> TIA
> 
> Brian
> 
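
A ruleset for the stated need (SSH in over eth0, all outbound allowed), as an added example that is not part of either post: with INPUT defaulting to DROP, replies to the host's own outbound connections only get back in through an ESTABLISHED,RELATED accept rule, and `replies_allowed` checks a saved ruleset for that. The function names, the `eth0`/22 defaults and the loopback rule are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: gen_ruleset, replies_allowed.

# Print an iptables-restore ruleset: inbound SSH only on one interface,
# all outbound traffic allowed, and replies to that traffic let back in.
gen_ruleset() {
    iface="${1:-eth0}"   # assumed default interface
    port="${2:-22}"      # assumed sshd port
    case "$iface" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $iface -p tcp --dport $port --syn -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Read a ruleset in iptables-save format on stdin. Exit status 1 when INPUT
# defaults to DROP and no rule accepts ESTABLISHED packets, which means
# replies to the host's own outbound connections are discarded.
replies_allowed() {
    awk '
        /^:INPUT DROP/                               { drop = 1 }
        /^-A INPUT / && /ESTABLISHED/ && /-j ACCEPT/ { ok = 1 }
        END { exit((drop && !ok) ? 1 : 0) }
    '
}

# Usage (as root): gen_ruleset eth0 | iptables-restore --test   # parse only
#                  gen_ruleset eth0 | iptables-restore          # load it
```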

