On Mon, May 25, 2009 at 12:53:58PM +0100, Nuno Magalhães wrote:
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP
but that will not work how you expect (don't implement it remotely)
How would one implement it remotely? I (may have) read somewhere that
blocking everything but ssh wouldn't mess with your ssh session, but
I'm not sure.
The above line would allow ssh-only traffic but block everything else,
like ntp, dns, email, icmp - both inbound and outbound.
Maybe you should read a bit more about firewall/iptables. I believe
other people recommend shorewall as an easy / safe application to use
for firewalls.
I would also suggest, if you are doing this remotely (and you have no
access to the console), that you
investigate screen: have one window left open with a command line
something like this running:
sleep 500 && <command to undo what you are testing>
Alex
Would a cron job or a sleep do?
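
The "sleep 500 && <command to undo what you are testing>" safety net from the message above, written out as an added example that is not part of the original thread. The function names and the /root/iptables.before path are assumptions made for illustration; iptables-save and iptables-restore are the standard tools for snapshotting and restoring a ruleset.

```sh
#!/bin/sh
# Added example (not from the thread): timed rollback for a remote firewall change.
# Run it inside screen, as suggested above, so a dropped ssh session does not
# take the pending rollback down with it.

# Arm the undo timer. $1 = seconds to wait, $2 = undo command (a shell string).
start_rollback_timer() {
    # Output is detached so nothing depends on the (possibly dead) terminal.
    ( sleep "$1" && sh -c "$2" ) >/dev/null 2>&1 &
    ROLLBACK_PID=$!
}

# Apply a change with the undo already armed.
# $1 = seconds, $2 = apply command, $3 = undo command.
guarded_apply() {
    start_rollback_timer "$1" "$3"   # arm first: the change itself may cut us off
    sh -c "$2"
}

# Call this only after proving you can still get in (open a NEW ssh session).
# Killing the waiting subshell is enough: the undo command then never starts.
cancel_rollback() {
    kill "$ROLLBACK_PID" 2>/dev/null
}

# Intended use as root; /root/iptables.before is an assumed path:
#   iptables-save > /root/iptables.before
#   guarded_apply 500 \
#     'iptables -A INPUT -p tcp --dport 22 -j ACCEPT; iptables -A INPUT -j DROP' \
#     'iptables-restore < /root/iptables.before'
#   ...log in from a second terminal, then: cancel_rollback
```

If the new rules lock you out, do nothing: the saved ruleset is restored when the timer expires.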