
iptables script - where to put it?



Hi,

I'm trying to learn how to firewall my laptop. I think I've got an
appropriate, simple iptables script, but I can't figure out where to put
it. Google provides lots of conflicting advice. I think it's supposed to
go in /etc/init.d/? What do I need to do with this file to get it to run
every time I boot? The actual content is copied below.

Thanks,

Tyler

######################### start ###########################
#### Clear the iptables ####
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
iptables -t nat -X
iptables -t nat -Z
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -Z

#### Set default policy to drop all inbound and forwarded 
#### packets, accept all outbound
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

#### Allow input from established connections ####
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#### Allow input from localhost ####
iptables -A INPUT -i lo -j ACCEPT

#### Allow icmp error messages ####
iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 11 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 12 -j ACCEPT

#### REJECT ident requests ####
iptables -A INPUT -p tcp --syn --dport 113 -j REJECT --reject-with tcp-reset

############################# end #################################

-- 
When in doubt, use brute force.
                                       --Ken Thompson
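
Added example, not part of the message above: once a script like this runs at boot, a check over `iptables-save`-style output can confirm that the loaded rules match what the script intends. The `audit_ruleset` helper and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables-save style dump against the intent of the
# posted script. Both dumps below are constructed samples, not real captures.

# audit_ruleset (hypothetical helper): reads a dump on stdin, prints one
# FAIL line per problem, returns 0 only if every check passes.
audit_ruleset() {
    awk '
        /^\*/ { table = substr($0, 2); next }       # "*filter", "*nat", ...
        table != "filter" { next }
        /^:/ { policy[substr($1, 2)] = $2; next }   # ":INPUT DROP [0:0]"
        $1 == "-A" && $2 == "INPUT" {
            if ($0 ~ /ESTABLISHED/ && $0 ~ /-j ACCEPT/) est = 1
            if ($0 ~ /-i lo / && $0 ~ /-j ACCEPT/) lo = 1
            # A match-less accept makes the DROP policy meaningless.
            if ($0 == "-A INPUT -j ACCEPT") wide = 1
        }
        END {
            if (policy["INPUT"] != "DROP") { print "FAIL: INPUT policy is not DROP"; bad = 1 }
            if (policy["FORWARD"] != "DROP") { print "FAIL: FORWARD policy is not DROP"; bad = 1 }
            if (!est) { print "FAIL: no ESTABLISHED,RELATED accept rule"; bad = 1 }
            if (!lo) { print "FAIL: no loopback accept rule"; bad = 1 }
            if (wide) { print "FAIL: unconditional ACCEPT in INPUT"; bad = 1 }
            exit bad
        }
    '
}

GOOD_DUMP='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
COMMIT'

# What the kernel holds if the script never ran at boot: empty chains, ACCEPT.
BAD_DUMP='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

printf '%s\n' "$GOOD_DUMP" | audit_ruleset && echo "good dump: matches intent"
printf '%s\n' "$BAD_DUMP" | audit_ruleset || echo "bad dump: firewall not loaded"
```

On a live system the same function can be fed with `iptables-save | audit_ruleset` as root after a reboot.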

