LinuxQuestions.org


]SK[ 02-10-2005 04:52 AM

IPtables - Block all except what I allow
 
I'm making a new server with various services running (httpd, smtp etc.)

I want to block all but allow access to these services.

I've started IPTables but it looks like by default it allows everything. I'm using Trustix 2.2.

I've done many a search, and with this being my first time with IPTables I'm a little confused.

I think I've managed to block all with...

iptables -P INPUT DROP

Is that correct?

marghorp 02-10-2005 05:06 AM

Yes, now just allow what you want with iptables -P input ACCEPT protocol

]SK[ 02-10-2005 05:09 AM

iptables -P input ACCEPT 80


I get an error with this. Also, any idea where the config file for iptables is? It's not in /etc/sysconfg/

Linux~Powered 02-10-2005 05:53 AM

It's not P after you've already made the default policy, it's the A flag

iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 80 -j ACCEPT

]SK[ 02-10-2005 06:14 AM

OK, I've got it working with

iptables -P INPUT DROP
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p ICMP -j ACCEPT


How do I make these settings save, as upon a 'service iptables restart' it's back at allowing everything?

