Setup iptables
- Create a file /root/iptables.sh
- Paste in the text below and edit as required
- Give it execute permissions
- Run ./iptables.sh to update iptables as required
- To check iptables, run: service iptables status
### SCRIPT ###
#!/bin/sh
# Stop the iptables service before rebuilding the rules
service iptables stop

# Drop all incoming traffic
iptables -P INPUT DROP
# Drop all forwarded traffic
iptables -P FORWARD DROP
# Drop all outgoing traffic (overridden by the next line)
iptables -P OUTPUT DROP
# Allow all outgoing traffic
iptables -P OUTPUT ACCEPT

# Allow returning packets
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Allow MySQL only from a certain network
#iptables -A INPUT -p tcp -m tcp -s XXX.XXX.XXX.0/24 --dport 3306 -j ACCEPT
# Allow local traffic
iptables -A INPUT -i lo -j ACCEPT
# Allow incoming SSH on port 22
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
# Allow incoming 21
iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
# Allow incoming 3306
iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
# Allow incoming 80
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
# Allow incoming 443
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
# Allow ping
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# Save the rules, make the file unreadable to group and others, and reload
# (the script already runs as root, so no sudo is needed)
iptables-save > /etc/sysconfig/iptables
chmod go-r /etc/sysconfig/iptables
service iptables restart
### /SCRIPT ###
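As written, the script accepts ports 21 and 3306 from every source address, and uncommenting the source-restricted MySQL rule has no effect while the later unrestricted 3306 rule remains. The check below is an added example, not part of the original page: it reads iptables-save output and lists the TCP ports the INPUT chain accepts from any source. The sample ruleset, the 192.0.2.0/24 network and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: audit iptables-save output for
# TCP ports that the INPUT chain accepts from any source address.

# Constructed sample: iptables-save output after running the page's script
# with the restricted MySQL rule uncommented (192.0.2.0/24 is a placeholder).
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
COMMIT
EOF
}

# Print, sorted and space-separated, every single --dport that an INPUT rule
# ACCEPTs with no -s restriction (or -s 0.0.0.0/0). Reads the dump on stdin.
world_open_ports() {
    awk '$1 == "-A" && $2 == "INPUT" {
        port = ""; src = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "--dport") port = $(i + 1)
            if ($i == "-s")      src = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        if (target == "ACCEPT" && port != "" && (src == "" || src == "0.0.0.0/0"))
            print port
    }' | sort -n | tr '\n' ' ' | sed 's/ $//'
}

# Print the world-open ports that are not in the allowed list passed as arguments.
unexpected_open_ports() {
    allowed=" $* "
    for p in $(world_open_ports); do
        case "$allowed" in *" $p "*) ;; *) printf '%s ' "$p" ;; esac
    done | sed 's/ $//'
}

echo "unexpected world-open ports: $(sample_ruleset | unexpected_open_ports 22 80 443)"
```

On a live host, pipe the real ruleset in instead of the sample: `iptables-save | unexpected_open_ports 22 80 443`.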
This page (revision-4) was last changed on 27-Mar-2012 11:54 by Hyve Support