On Mon, May 25, 2009 at 12:53:58PM +0100, Nuno Magalhães wrote:
> > iptables -A INPUT -p tcp --dport 22 -j ACCEPT
> > iptables -A INPUT -j DROP
> >
> > but that will not work how you expect (don't implement it remotely)
>
> How would one implement it remotely? I (may have) read somewhere that
> blocking everything but ssh wouldn't mess with your ssh session, but
> I'm not sure.

the above line would allow ssh only traffic but block everything else, like ntp, dns, email, icmp - both inbound and outbound

maybe you should read a bit more about firewall/iptables. I believe other people recommend shorewall as an easy / safe application to use for firewalls.

I would also suggest, if you are doing this remotely (and you have no access to the console), investigate screen, have one window left open with a command line something like this running

sleep 500 && <command to undo what you are testing>

Alex

>
> Would a cron job or a sleep do?
>

--
"I know something about being a government. And you've got a good one."
- George W. Bush
11/04/2002 Bentonville, AR
Campaigning for Gov. Mike Huckabee
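The timed-undo idea from the reply above, generalized into a confirm-or-rollback helper (an added example, not part of the original message). It assumes iptables-save and iptables-restore are installed and that it runs as root inside screen so a dropped session does not kill it; the names try_rules, FW_SAVE, FW_RESTORE and the confirm-file path are hypothetical.

```shell
#!/bin/sh
# Added example: apply a firewall change, roll it back automatically unless
# the admin confirms from a NEW ssh session that they can still get in.
# FW_SAVE / FW_RESTORE are overridable (hypothetical names) for dry runs.
: "${FW_SAVE:=iptables-save}"
: "${FW_RESTORE:=iptables-restore}"

# try_rules TIMEOUT CONFIRM_FILE COMMAND [ARGS...]
#   returns 0 = change confirmed and kept
#           1 = no confirmation within TIMEOUT seconds, old rules restored
#           2 = snapshot or COMMAND failed, old rules restored
try_rules() {
    timeout=$1; confirm=$2; shift 2

    # Snapshot the current ruleset before touching anything.
    backup=$(mktemp) || return 2
    $FW_SAVE > "$backup" || { rm -f "$backup"; return 2; }
    rm -f "$confirm"            # a stale confirm file must not count

    # Apply the change under test; undo at once if it errors half-way.
    if ! "$@"; then
        $FW_RESTORE < "$backup"
        rm -f "$backup"
        return 2
    fi

    # Wait for confirmation. Creating the file requires a working login,
    # which an already-open session does not prove on its own.
    waited=0
    while [ "$waited" -lt "$timeout" ]; do
        if [ -e "$confirm" ]; then
            rm -f "$backup" "$confirm"
            return 0
        fi
        sleep 1
        waited=$((waited + 1))
    done

    # Nobody confirmed: assume we are locked out and put the old rules back.
    $FW_RESTORE < "$backup"
    rm -f "$backup"
    return 1
}

# Usage with the rules from this thread (constructed example, run in screen):
#   try_rules 300 /root/fw-ok sh -c \
#     'iptables -A INPUT -p tcp --dport 22 -j ACCEPT && iptables -A INPUT -j DROP'
# then, from a second, freshly opened ssh session:  touch /root/fw-ok
```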