LinuxQuestions.org > Linux - Security > Need help building firewall Iptables
(https://www.linuxquestions.org/questions/linux-security-4/need-help-building-firewall-iptables-524871/)

spoonpower 02-01-2007 11:58 PM

Need help building firewall Iptables
 
Hi everyone,

Thank you for reading this thread. I am currently building a simple firewall and don't quite understand what is meant by "Drop all incoming packets from reserved port 0 as well as inbound traffic to port 0". Below are the few rules that I have made so far. Can anyone tell me what the script should look like to drop all incoming packets and traffic for reserved port 0? Also, if you see any error in my script, please let me know.

# Set the default policies to DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# Permit inbound/outbound ssh packets.
iptables -A INPUT -i eth1 -p tcp --dport 22 --syn -j ACCEPT
iptables -A OUTPUT -o eth1 -p tcp --sport 22 --syn -j DROP

# Permit inbound/outbound www packets.
iptables -A INPUT -i eth1 -p tcp --dport 80 --syn -j ACCEPT
iptables -A OUTPUT -o eth1 -p tcp --sport 80 --syn -j DROP

# Drop inbound traffic to port 80 (http) from source ports less than 1024
iptables -A INPUT -i eth1 -p tcp --dport 80 --sport 0:1024 -j DROP

# Drop all incoming packets from reserved port 0 as well as inbound traffic to port 0

nx5000 02-02-2007 01:55 AM

Port 0 should be blocked:

http://www.ouah.org/port0paper.txt

For understanding iptables:
man iptables
+
google
or use firestarter or guarddog which will generate your rules based on simple questions

archtoad6 02-03-2007 11:52 AM

You really shouldn't be trying to "roll your own" firewall with so little background knowledge. If you are determined to learn how (a commendable goal), look at Oscar Andreasson's Iptables Tutorial 1.2.2.

spoonpower 02-06-2007 02:18 AM

Hi, I am currently working on my school assignment and really want to get some help, due to my limited knowledge of Linux and firewalls. I am using Fedora 6; how can I execute the firewall at boot-up? Also, can anyone please take a look at my scripts and tell me what is wrong? I would really appreciate it. Thanks

# Set the default policies to DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# Allow the localhost
iptables -A INPUT -i lo -j ACCEPT

# Permit inbound/outbound ssh packets.
iptables -A INPUT -p tcp --dport 22 --syn -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 --syn -j ACCEPT

# Permit inbound/outbound www packets.
iptables -A INPUT -p tcp --dport 80 --syn -j ACCEPT
iptables -A OUTPUT -p tcp --sport 80 --syn -j ACCEPT

# Drop inbound traffic to port 80 (http) from source ports less than 1024
iptables -A INPUT -p tcp --dport 80 --sport 0:1024 -j DROP

# Drop all incoming packets from reserved port 0 as well as inbound traffic to port 0
iptables -A INPUT -p tcp --dport 0 -j DROP
iptables -A INPUT -p tcp --sport 0 -j DROP

# Allow DNS traffic through this machine
iptables -A INPUT -p udp --dport 53 -j ACCEPT

# Allow DHCP traffic through this machine
iptables -I INPUT -p udp --dport 67:68 -j ACCEPT

# Create user-defined chains to keep track of the ssh & www traffic v.s the rest of the system
iptables -N definedtraffic
iptables -N resttraffic
iptables -A definedtraffic -j ACCEPT
iptables -A resttraffic -j ACCEPT
iptables -A FORWARD -i eth1 -m tcp -p tcp --sport 22 -j definedtraffic
iptables -A FORWARD -i eth1 -m tcp -p tcp --sport 80 -j definedtraffic
iptables -A FORWARD -j resttraffic
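
The script below is an added example written for this thread; it is not spoonpower's script or anything posted by the other participants. It rewrites the ruleset above in stateful form and addresses three points a reviewer would raise: port 0 is dropped for UDP as well as TCP (the version above only covers TCP), the "source ports less than 1024" rule uses 1:1023 rather than 0:1024, and replies are let out with a connection-tracking match instead of `--syn` on the OUTPUT side (a SYN-only match never sees the server's SYN/ACK, so with `-P OUTPUT DROP` every ssh and http reply would be discarded). Assumptions, all labelled in the comments: eth1 is the Internet-facing interface as in the thread, the host is an ssh/web server that makes its own DNS lookups and is a DHCP client, and the `state` match module is available. Rules are printed rather than applied unless `APPLY=1` is set, so the script can be reviewed before it touches the live tables.

```shell
#!/bin/sh
# Added example for the LinuxQuestions thread; not the poster's script.
# Prints the rules it would apply unless APPLY=1 is set (then it runs them,
# which requires root). Override IPT or IF if your paths/interfaces differ.
IPT="${IPT:-iptables}"
IF="${IF:-eth1}"          # assumption: eth1 faces the Internet, as in the thread
APPLY="${APPLY:-0}"

# Run or echo one iptables command depending on APPLY.
ipt() {
    if [ "$APPLY" = "1" ]; then
        "$IPT" "$@"
    else
        echo "$IPT $*"
    fi
}

build_rules() {
    # Start from empty chains so re-running the script is idempotent.
    ipt -F
    ipt -X

    # Default deny on every built-in chain.
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT DROP

    # Loopback is needed by local services; allow it in both directions.
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A OUTPUT -o lo -j ACCEPT

    # Port 0 is reserved and never a legitimate source or destination.
    # Cover both TCP and UDP, and place these before any ACCEPT rule.
    for proto in tcp udp; do
        ipt -A INPUT -i "$IF" -p "$proto" --sport 0 -j DROP
        ipt -A INPUT -i "$IF" -p "$proto" --dport 0 -j DROP
    done

    # Web requests from privileged source ports (1-1023) are not normal
    # client behaviour; drop them before the port 80 ACCEPT below.
    ipt -A INPUT -i "$IF" -p tcp --dport 80 --sport 1:1023 -j DROP

    # Packets belonging to connections already accepted pass in both
    # directions. This replaces the OUTPUT --sport 22/80 --syn rules,
    # which never match a server's SYN/ACK reply.
    ipt -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # New inbound ssh and http connections.
    ipt -A INPUT -i "$IF" -p tcp --dport 22 --syn -m state --state NEW -j ACCEPT
    ipt -A INPUT -i "$IF" -p tcp --dport 80 --syn -m state --state NEW -j ACCEPT

    # Assumption: this host resolves names itself and is a DHCP client.
    ipt -A OUTPUT -o "$IF" -p udp --dport 53 -j ACCEPT
    ipt -A OUTPUT -o "$IF" -p udp --sport 68 --dport 67 -j ACCEPT
    ipt -A INPUT  -i "$IF" -p udp --sport 67 --dport 68 -j ACCEPT
}

build_rules
```

Run it once without `APPLY` to read the generated rules, then as root with `APPLY=1 sh firewall.sh` to load them. On Fedora the packaged iptables init script handles the boot-up question: `service iptables save` writes the live rules to `/etc/sysconfig/iptables`, and `chkconfig iptables on` makes the init script restore that file at boot, so the script itself does not need to run at startup.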

archtoad6 02-08-2007 04:44 AM

Is this homework?

What have you done to help yourself?

Where are you located?
