Hello,
I have an iptables script as follows:
#!/bin/sh
# flush all rules and delete user-defined chains in every table
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -t nat -X
iptables -t mangle -X
# default policies: drop inbound and forwarded traffic, allow outbound
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# loopback traffic is always allowed
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -p icmp -j DROP
# only packets belonging to connections this box opened may come in on eth0
iptables -A INPUT -i eth0 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
# drop every new inbound TCP connection, all inbound UDP, and anything else
iptables -A INPUT -p tcp --syn -j DROP
iptables -A INPUT -p udp -j DROP
iptables -A INPUT -j DROP
# disable IP forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward
After running the script, I scanned the ports on my machine using nmap (nmap my_ip_address) and got the output below:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-12-25 09:05 CET
Interesting ports on eee.eee.ttt.ttt :
(The 1660 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
111/tcp open rpcbind
113/tcp open auth
656/tcp open unknown
Nmap finished: 1 IP address (1 host up) scanned in 0.267 seconds
I am asking everyone out there: should the script part
iptables -A INPUT -p tcp --syn -j DROP
iptables -A INPUT -p udp -j DROP
iptables -A INPUT -j DROP
drop all packets directed to my box, and how do I close ports 111, 113 and 656? I really do not need them.
How do I close a port using iptables?
Thanks in advance
Regards
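As an added example (not from the original post), the same policy written as a generator for iptables-restore format, so the whole table is loaded atomically instead of leaving a window between the flush and the DROP policy; it adds explicit REJECT rules for the three ports the poster asked about, and the port list and the eth0 interface name are assumptions:

```shell
#!/bin/sh
# Added example, not the original poster's script. Emits an iptables-restore
# ruleset equivalent to the script above, plus explicit REJECT rules for the
# given TCP ports. Note that "nmap my_ip_address" run on the box itself is
# routed over lo, which the first INPUT rule accepts, so that scan never
# exercises the eth0 rules; scan from another host to test them.
gen_ruleset() {
    ports="$1"          # space-separated TCP ports to reject explicitly
    iface="${2:-eth0}"  # assumed external interface
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A OUTPUT -o lo -j ACCEPT'
    for p in $ports; do
        # REJECT with a TCP reset makes the port show as "closed" to a remote
        # scanner; a plain DROP (as in the final rule) shows as "filtered".
        echo "-A INPUT -i $iface -p tcp --dport $p -j REJECT --reject-with tcp-reset"
    done
    # RELATED is added here compared with the original script so that ICMP
    # errors tied to our own connections are not silently discarded.
    echo "-A INPUT -i $iface -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "-A OUTPUT -o $iface -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT"
    echo '-A INPUT -j DROP'
    echo 'COMMIT'
}

# usage (needs root):  gen_ruleset "111 113 656" eth0 | iptables-restore
```

Rejecting the ports only changes what a scanner sees; the services behind 111 (rpcbind/portmap), 113 (identd) and 656 still run locally and should be stopped if they are not needed.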