Need help building firewall Iptables
Hi everyone,
Thank you for reading this thread. I am currently building a simple firewall and don't quite understand what is meant by "Drop all incoming packets from reserved port 0 as well as inbound traffic to port 0". Below are the few rules that I have made so far. Can anyone tell me what the script should look like to drop all incoming packets and traffic for reserved port 0? Also, if you see any error in my script, please let me know.

# Set the default policies to DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# Permit inbound/outbound ssh packets.
iptables -A INPUT -i eth1 -p tcp --dport 22 --syn -j ACCEPT
iptables -A OUTPUT -o eth1 -p tcp --sport 22 --syn -j DROP

# Permit inbound/outbound www packets.
iptables -A INPUT -i eth1 -p tcp --dport 80 --syn -j ACCEPT
iptables -A OUTPUT -o eth1 -p tcp --sport 80 --syn -j DROP

# Drop inbound traffic to port 80 (http) from source ports less than 1024
iptables -A INPUT -i eth1 -p tcp --dport 80 --sport 0:1024 -j DROP

# Drop all incoming packets from reserved port 0 as well as inbound traffic to port 0
Port 0 should be blocked:
http://www.ouah.org/port0paper.txt

For understanding iptables: man iptables, or use firestarter or guarddog, which will generate your rules based on simple questions.
You really shouldn't be trying to "roll your own" firewall with so little background knowledge. If you are determined to learn how, a commendable goal, look at Oscar Andreasson's Iptables Tutorial 1.2.2.
Hi, because I am currently working on my school assignment, I really want to get some help, due to my little knowledge of Linux and firewalls. I am using Fedora 6; how can I execute the firewall at boot-up? Also, can anyone please take a look at my script and tell me what is wrong? I would really appreciate it. Thanks.

# Set the default policies to DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# Allow the localhost
iptables -A INPUT -i lo -j ACCEPT

# Permit inbound/outbound ssh packets.
iptables -A INPUT -p tcp --dport 22 --syn -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 --syn -j ACCEPT

# Permit inbound/outbound www packets.
iptables -A INPUT -p tcp --dport 80 --syn -j ACCEPT
iptables -A OUTPUT -p tcp --sport 80 --syn -j ACCEPT

# Drop inbound traffic to port 80 (http) from source ports less than 1024
iptables -A INPUT -p tcp --dport 80 --sport 0:1024 -j DROP

# Drop all incoming packets from reserved port 0 as well as inbound traffic to port 0
iptables -A INPUT -p tcp --dport 0 -j DROP
iptables -A INPUT -p tcp --sport 0 -j DROP

# Allow DNS traffic through this machine
iptables -A INPUT -p udp --dport 53 -j ACCEPT

# Allow DHCP traffic through this machine
iptables -I INPUT -p udp --dport 67:68 -j ACCEPT

# Create user-defined chains to keep track of the ssh & www traffic vs. the rest of the system
iptables -N definedtraffic
iptables -N resttraffic
iptables -A definedtraffic -j ACCEPT
iptables -A resttraffic -j ACCEPT
iptables -A FORWARD -i eth1 -m tcp -p tcp --sport 22 -j definedtraffic
iptables -A FORWARD -i eth1 -m tcp -p tcp --sport 80 -j definedtraffic
iptables -A FORWARD -j resttraffic
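The script below is an added example, not the poster's script, showing the same assignment done as a complete, re-runnable host firewall. It assumes eth1 is the network-facing interface (override with WAN=...). It differs from the posted rules in four ways a reviewer would flag: the port-0 drops cover UDP as well as TCP and sit before any ACCEPT so they actually fire; "source ports less than 1024" is written as 0:1023 (0:1024 also matches 1024) and is placed before the port-80 ACCEPT, which otherwise wins first; replies from sshd and httpd are never SYN packets, so "--sport 22 --syn" on OUTPUT matches nothing and is replaced by connection tracking; and the user-defined chains hang off INPUT, where the traffic for a single host arrives, rather than FORWARD. By default IPT is set to echo so the script only prints the rules; run it as root with IPT=iptables to load them.

```shell
#!/bin/sh
# Added example host firewall (not the poster's script).
# Dry run by default: IPT=echo prints the rules instead of loading them.
# To load:  IPT=iptables sh firewall.sh   (as root)
IPT="${IPT:-echo}"
WAN="${WAN:-eth1}"   # assumption: eth1 faces the network

fw_rules() {
    # Start from a clean slate so re-running the script does not duplicate rules.
    $IPT -F
    $IPT -X
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT DROP

    # Loopback is needed by many local services.
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A OUTPUT -o lo -j ACCEPT

    # Port 0 is reserved and never a legitimate source or destination:
    # drop it for TCP and UDP, in and out, before any ACCEPT rule.
    for proto in tcp udp; do
        $IPT -A INPUT -i "$WAN" -p "$proto" --sport 0 -j DROP
        $IPT -A INPUT -i "$WAN" -p "$proto" --dport 0 -j DROP
    done

    # "Source ports less than 1024" is 0:1023 (0:1024 would include 1024).
    # Must precede the port-80 ACCEPT below, otherwise the ACCEPT matches first.
    $IPT -A INPUT -i "$WAN" -p tcp --dport 80 --sport 0:1023 -j DROP

    # User-defined chains give separate packet/byte counters for the two
    # services versus everything else (see them with: iptables -L -v -n).
    $IPT -N ssh_www
    $IPT -N other
    $IPT -A ssh_www -j ACCEPT
    $IPT -A other -j DROP

    # New connections to ssh and www only.
    $IPT -A INPUT -i "$WAN" -p tcp --dport 22 --syn -j ssh_www
    $IPT -A INPUT -i "$WAN" -p tcp --dport 80 --syn -j ssh_www

    # Replies belong to an established connection and are not SYN packets,
    # so "--sport 22 --syn" on OUTPUT would never match; use connection tracking.
    $IPT -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # This host's own DNS lookups and its DHCP lease traffic.
    $IPT -A OUTPUT -o "$WAN" -p udp --dport 53 -j ACCEPT
    $IPT -A OUTPUT -o "$WAN" -p udp --sport 68 --dport 67 -j ACCEPT
    $IPT -A INPUT  -i "$WAN" -p udp --sport 67 --dport 68 -j ACCEPT

    # Anything else reaching INPUT is counted in the catch-all chain and dropped.
    $IPT -A INPUT -j other
}

fw_rules
```

On Fedora of that era, the traditional way to make the rules survive a reboot was to load them once, then run `service iptables save` (which writes them to /etc/sysconfig/iptables) and `chkconfig iptables on` so the iptables service restores them at boot.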
Is this homework?
What have you done to help yourself? Where are you located?