LinuxQuestions.org
Forum: Linux - Security
12-21-2002, 12:15 PM   #1
tarballed (Member)
First crack at IPTABLES firewall


Morning everyone. (Morning here at least.)

Well, as I dive more into IPTABLES, I am finding out just how much you can do with IPTABLES. Very cool stuff. Something I want to very much learn more of.

Anyways, I have been reading a lot of examples and how-to's on building a firewall. I know I have a ton to learn, but I wanted to get some advice on the steps to my first firewall.

Basically, this is what I am trying to do.

I will have a RH 7.3 Firewall running IPTABLES. I have 3 machines behind my Firewall; 1 Win2K Box and 2 Linux boxes. There shall be no remote connections to my firewall or any of the boxes on the internal LAN at this point. I want my internal machines to be able to access the internet and use services like web, ftp, ssh, pop, smtp, https etc.

In a nutshell, deny everything coming in, but allow the internal LAN access to the outside world and keep the connections so they can return.

Whew... here is what I have so far (I'm not sure on order, so I am just putting it in any order):

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

iptables -A INPUT --protocol tcp --syn -j DROP

#LOOPBACK
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

#Syn flood protection
iptables -N syn-flood
iptables -A INPUT -i eth0 -p tcp --syn -j syn-flood
iptables -A syn-flood -m limit --limit 1/s --limit-burst 4 -j RETURN
iptables -A syn-flood -j DROP

#Make sure new TCP connections are syn packets
iptables -A INPUT -i eth0 -p tcp ! --syn -m state --state NEW -j DROP

#SPOOFING
iptables -A INPUT -i eth0 -s 10.0.0.0/8 -j DROP
iptables -A INPUT -i eth0 -s 172.16.0.0/12 -j DROP
iptables -A INPUT -i eth0 -s 192.168.0.0/16 -j DROP


These are just some of the rules I have been playing with. I realize that I may be totally off, or somewhat on course.

I have been using many examples to try and learn IPTables. However, I figured I learn best by reading examples and figuring them out.

If anyone has a short IPTables firewall script that will do what I am trying to do, I would love to read it and decipher it.

In the meantime, any thoughts or input?

Thanks everyone.

Tarballed
 
12-22-2002, 09:03 AM   #2
DavidPhillips (LQ Guru)
Looks like the first three lines are all you need;

how is anything going to get through that?



here are some scripts that are well commented

http://www.linuxguruz.org/iptables/

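As an added example (not from the original post, DavidPhillips' reply, or any of the linked scripts), here is a complete script that does what the first post asks for: deny everything inbound, let the LAN reach the Internet, and let the replies back through. It assumes eth0 faces the Internet, eth1 faces the LAN, and the LAN is 192.168.1.0/24; all three are assumptions set as variables at the top. The rule the posted set is missing is the state match that admits ESTABLISHED,RELATED packets; with three DROP policies and no such rule, nothing gets through, exactly as DavidPhillips says. Order matters too: the posted `-A INPUT --syn -j DROP` sits before the syn-flood chain, so that chain never sees a packet. The script also shows the anti-spoof list applied to FORWARD as well as INPUT, and loads the FTP conntrack helpers, without which the "ftp" the post wants would only work in passive mode through NAT.

```shell
#!/bin/sh
# Stateful NAT firewall for one WAN interface and one LAN segment.
# Assumed values (not from the original post): adjust for your network.
IPT=${IPT:-iptables}    # set IPT="echo iptables" to preview without root
WAN=eth0
LAN=eth1
LAN_NET=192.168.1.0/24

fw_rules() {
    # Clean slate, then default-deny all three built-in chains.
    $IPT -F
    $IPT -X
    $IPT -t nat -F
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT DROP

    # Loopback is trusted.
    $IPT -A INPUT  -i lo -j ACCEPT
    $IPT -A OUTPUT -o lo -j ACCEPT

    # Anti-spoofing on the WAN side: private ranges, loopback and our own
    # LAN prefix must never arrive from the Internet. Applied to FORWARD
    # too, or a spoofed packet could still be relayed to a LAN host.
    for net in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 127.0.0.0/8 "$LAN_NET"; do
        $IPT -A INPUT   -i "$WAN" -s "$net" -j DROP
        $IPT -A FORWARD -i "$WAN" -s "$net" -j DROP
    done

    # A TCP packet conntrack calls NEW but that is not a SYN is a stray or
    # crafted segment; refuse it rather than let it open a state entry.
    $IPT -A INPUT   -p tcp ! --syn -m state --state NEW -j DROP
    $IPT -A FORWARD -p tcp ! --syn -m state --state NEW -j DROP
    $IPT -A INPUT   -m state --state INVALID -j DROP
    $IPT -A FORWARD -m state --state INVALID -j DROP

    # The rule the original post lacks: replies to connections that the
    # firewall or a LAN host started are allowed back through.
    $IPT -A INPUT   -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT

    # LAN hosts may open new connections to the Internet and are NATed
    # behind the WAN address. Nothing else is forwarded.
    $IPT -A FORWARD -i "$LAN" -o "$WAN" -m state --state NEW -j ACCEPT
    $IPT -t nat -A POSTROUTING -o "$WAN" -j MASQUERADE

    # The firewall itself may talk out (DNS, updates). No rule accepts a
    # NEW connection on INPUT, so no remote access to the box at all.
    $IPT -A OUTPUT -o "$WAN" -m state --state NEW -j ACCEPT
    $IPT -A OUTPUT -o "$LAN" -m state --state NEW -j ACCEPT

    # Log what is about to hit the DROP policy, rate-limited so a flood
    # cannot fill the disk.
    $IPT -N logdrop
    $IPT -A logdrop -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "FW-DROP: "
    $IPT -A logdrop -j DROP
    $IPT -A INPUT   -j logdrop
    $IPT -A FORWARD -j logdrop
}

# Print the rules instead of loading them (no root needed).
show_rules() {
    ( IPT="echo iptables"; fw_rules )
}

# Load the rules for real: enable forwarding, kernel-side spoof check,
# and the FTP helpers so active FTP from the LAN works as RELATED.
apply_firewall() {
    echo 1 > /proc/sys/net/ipv4/ip_forward
    for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > "$f"; done
    modprobe ip_conntrack_ftp 2>/dev/null || true
    modprobe ip_nat_ftp 2>/dev/null || true
    fw_rules
}

case "${1:-}" in
    apply) apply_firewall ;;
    show)  show_rules ;;
esac
```

Run `sh fw.sh show` to read the rules it would load, and `sh fw.sh apply` as root to load them. The posted syn-flood chain is left out on purpose: with no NEW connection accepted on INPUT there is nothing for it to protect, and a bare `-m limit` on all SYNs throttles legitimate clients as readily as an attacker once a service is exposed.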
 
12-22-2002, 11:42 AM   #3
Major Konig (LQ Newbie)
Quote:
Originally posted by DavidPhillips
Looks like the first three lines are all you need;

how is anything going to get through that?



here are some scripts that are well commented

http://www.linuxguruz.org/iptables/

That's a good link DP, thanks...been looking for something like that actually.