LinuxQuestions.org
Old 02-10-2005, 05:52 AM   #1
]SK[
Member
 
Registered: Jun 2004
Location: Nottingham, England
Posts: 89

Rep: Reputation: 15
IPtables - Block all except what I allow


I'm making a new server with various services running (httpd, smtp etc.)

I want to block all but allow access to these services.

I've started IPTables but it looks like by default it allows everything. I'm using Trustix 2.2.

I've done many a search and, with this being my first time with IPTables, I'm a little confused.

I think I've managed to block all with...

iptables -P INPUT DROP

Is that correct?
 
Old 02-10-2005, 06:06 AM   #2
marghorp
Senior Member
 
Registered: Jan 2004
Location: Slovenia
Distribution: Slackware 10.1, SLAX to the MAX :)
Posts: 1,040

Rep: Reputation: 45
Yes, now just allow what you want with iptables -P input ACCEPT protocol
 
Old 02-10-2005, 06:09 AM   #3
]SK[
Member
 
Registered: Jun 2004
Location: Nottingham, England
Posts: 89

Original Poster
Rep: Reputation: 15
iptables -P input ACCEPT 80


I get an error with this. Also, any idea where the config file for iptables is? It's not in /etc/sysconfg/

Last edited by ]SK[; 02-10-2005 at 06:40 AM.
 
Old 02-10-2005, 06:53 AM   #4
Linux~Powered
Member
 
Registered: Jan 2004
Location: /lost+found
Distribution: Slack`er-current
Posts: 845

Rep: Reputation: 31
It's not P after you already made the default policy, it's the A flag

iptables -A INPUT -s 0/0 -d 0/0 --sport 80 -j ACCEPT
 
Old 02-10-2005, 07:14 AM   #5
]SK[
Member
 
Registered: Jun 2004
Location: Nottingham, England
Posts: 89

Original Poster
Rep: Reputation: 15
OK, I've got it working with

iptables -P INPUT DROP
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p ICMP -j ACCEPT


How do I make these settings save, as upon a 'service iptables restart' it's back at allowing everything?
 