iptables: Set rules to make a firewall act like a home router

Home routers accept connections established from inside and deny incoming connections that aren't.

Initialize iptables rules:

# iptables -F
# iptables -X
# iptables -Z

Set default chain policies:

# iptables -P INPUT DROP
# iptables -P FORWARD DROP
# iptables -P OUTPUT ACCEPT

Accept on localhost:

# iptables -A INPUT -i lo -j ACCEPT
# iptables -A OUTPUT -o lo -j ACCEPT

Allow established sessions to receive traffic:

# iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

Save rules (iptables-save prints the current ruleset to standard output; redirect it to a file to keep it):

# iptables-save
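
The steps above as a single ruleset loaded in one commit, with a check that a dump matches the home-router posture. This is an added example, not from the original post, and the function names are made up here. Typed one at a time over SSH, the commands above cut off the session between `-P INPUT DROP` and the conntrack rule; loading everything at once avoids that window.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the post.

# The post's policies and rules as one iptables-restore ruleset.
home_router_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Read a ruleset or `iptables-save` dump on stdin, print each deviation
# from the posture above, return non-zero if there is one. Only the
# filter table is read; jumps to user-defined chains are not followed.
check_home_router() {
  awk '
    /^\*/ { in_filter = ($1 == "*filter"); next }
    !in_filter { next }
    $1 == ":INPUT"   { input = $2 }
    $1 == ":FORWARD" { forward = $2 }
    /^-A INPUT -i lo -j ACCEPT$/ { lo = 1; next }
    /^-A INPUT -m conntrack --ctstate (RELATED,ESTABLISHED|ESTABLISHED,RELATED) -j ACCEPT$/ { ct = 1; next }
    /^-A INPUT .*-j ACCEPT/ { print "extra inbound ACCEPT: " $0; bad = 1 }
    END {
      if (input != "DROP")   { print "INPUT policy is not DROP"; bad = 1 }
      if (forward != "DROP") { print "FORWARD policy is not DROP"; bad = 1 }
      if (!lo) { print "no loopback ACCEPT rule"; bad = 1 }
      if (!ct) { print "no ESTABLISHED,RELATED ACCEPT rule"; bad = 1 }
      exit bad + 0
    }'
}

# Check, dry-run, then load. iptables-restore replaces the filter table
# in one commit, so DROP never applies without the conntrack rule.
apply_home_router() {
  home_router_rules | check_home_router &&
    home_router_rules | iptables-restore --test &&
    home_router_rules | iptables-restore
}
```

Run `apply_home_router` as root to load the rules; `iptables-save | check_home_router` audits the ruleset that is currently live.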

