# Reset: flush every rule from the filter table's INPUT, OUTPUT and FORWARD
# chains, and from all chains of the nat and mangle tables.
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -F -t nat
iptables -F -t mangle
# Default policies: inbound packets that match no rule below are dropped;
# outbound and forwarded packets are allowed.
# NOTE(review): FORWARD ACCEPT leaves forwarding unfiltered if this host routes
# traffic; confirm that is intended.
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
# Accept replies to connections this host opened (and related traffic).
# Rules are evaluated top to bottom, so this one is checked first.
# NOTE(review): there is no `-i lo` accept rule, so new loopback connections
# (other than TCP 22/53) fall through to the DROP policy; confirm that is intended.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Drop the listed ICMP types: 0 echo reply, 3 destination unreachable,
# 4 source quench, 5 redirect, 8 echo request, 9 router advertisement,
# 13/14 timestamp request/reply, 15/16 information request/reply,
# 17/18 address mask request/reply.
# ICMP already matched as ESTABLISHED,RELATED was accepted above and never
# reaches these rules. Because they sit above the MAC rules, they also apply to
# the two allowed hosts; for any other source the DROP policy would discard the
# same packets anyway.
iptables -A INPUT -p icmp --icmp-type 0 -j DROP
iptables -A INPUT -p icmp --icmp-type 3 -j DROP
iptables -A INPUT -p icmp --icmp-type 4 -j DROP
iptables -A INPUT -p icmp --icmp-type 5 -j DROP
iptables -A INPUT -p icmp --icmp-type 8 -j DROP
iptables -A INPUT -p icmp --icmp-type 9 -j DROP
iptables -A INPUT -p icmp --icmp-type 13 -j DROP
iptables -A INPUT -p icmp --icmp-type 14 -j DROP
iptables -A INPUT -p icmp --icmp-type 15 -j DROP
iptables -A INPUT -p icmp --icmp-type 16 -j DROP
iptables -A INPUT -p icmp --icmp-type 17 -j DROP
iptables -A INPUT -p icmp --icmp-type 18 -j DROP
# Accept TCP to destination ports 22 and 53 from ANY source: this rule has no
# source address, interface or MAC condition and is evaluated before the MAC
# rules below. A scan from a host with any MAC address therefore gets an answer
# on these two ports (open if a service listens, closed otherwise) instead of
# silence.
# NOTE(review): if only the two MAC addresses below should reach these ports,
# this rule defeats that; every other TCP port already hits the DROP policy.
iptables -A INPUT -p tcp -m multiport --destination-port 22,53 -j ACCEPT
# Accept all traffic whose source MAC matches (xx/yy are redacted placeholders
# in the post). The mac match only sees the link-layer address of the last hop,
# so it is meaningful only for hosts on the same Ethernet segment, and a MAC
# address can be changed by the sender; treat it as a convenience filter, not
# as authentication.
iptables -A INPUT -m mac --mac-source xx:xx:xx:xx:xx:xx -j ACCEPT
iptables -A INPUT -m mac --mac-source yy:yy:yy:yy:yy:yy -j ACCEPT
The commands above are in my script (yes, I know it is not written properly).
I scan my firewalled PC from another PC that has a different MAC address.
What mistake am I making? I want my ports to be invisible.