Open All Ports except 80 and 443
$ sudo iptables -F INPUT
$ sudo iptables -F OUTPUT
$ sudo iptables -F FORWARD
$ sudo iptables -P INPUT ACCEPT
$ sudo iptables -P OUTPUT ACCEPT
$ sudo iptables -P FORWARD ACCEPT
$ sudo iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 80 -j DROP
$ sudo iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 443 -j DROP
Close All Ports except 80 and 443
$ sudo iptables -F INPUT
$ sudo iptables -F OUTPUT
$ sudo iptables -F FORWARD
$ sudo iptables -P INPUT DENY
$ sudo iptables -P OUTPUT DENY
$ sudo iptables -P FORWARD DENY
$ sudo iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
$ sudo iptables -A INPUT -p tcp -i eth0 --dport 443 -j ACCEPT
These is untested as I don't have the time, however that should be right (If not, it will give you a good start).
Everyone else, please correct me when needed.
*Edit
Please note: You may (should) flush your IP Tables before doing this.
Cheers,
Last edited by matthalliday; 09-06-2006 at 11:23 PM.
|