LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Need to block all ports and open only select ports on Ubuntu 7.1
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-18-2008, 01:55 AM   #1
Mr.J
Member
 
Registered: Jun 2008
Posts: 82

Rep: Reputation: 15
Need to block all ports and open only select ports on Ubuntu 7.1

Hi,

I need to block all ports by defaults on linux system and need to allow only few ports to be opened using iptable rules.

ex. to open only ssh port ( 22) , I tried following commands.

iptables -A INPUT -p tcp --dport 22 -j ACCEPT ;
iptables -A INPUT -p udp --dport 22 -j ACCEPT ;
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT ;
iptables -A OUTPUT -p udp --dport 22 -j ACCEPT ;


iptables -A OUTPUT -p tcp -j DROP ;
iptables -A OUTPUT -p udp -j DROP ;
iptables -A INPUT -p tcp -j DROP ;
iptables -A INPUT -p tcp -j DROP;

iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
DROP tcp -- anywhere anywhere
DROP tcp -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
DROP tcp -- anywhere anywhere
DROP udp -- anywhere anywhere

After this when I tried to ssh a machine, it just timed out.
 
Old 11-18-2008, 03:45 AM   #2
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
Try.
Code:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to open ports in Ubuntu? darthfoolish Linux - Security 16 06-08-2011 09:48 AM
open ports for utorrent using iptables n close smpt to that ports shtorrent00 Linux - Networking 2 09-30-2008 04:34 PM
Problem opening ports - ports appear open, but do not work. computer_freak_8 Linux - Software 10 09-20-2008 10:39 PM
Cannot Open Mail Server Ports 25, 110, and 220. Other Ports will open. Binxter Linux - Newbie 9 11-29-2007 03:03 AM
how to open and block the ports in squid.... shahg_shahg Linux - Security 1 04-28-2005 07:01 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:29 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration