LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-12-2007, 09:33 PM   #1
ysar68
LQ Newbie
 
Registered: Jan 2007
Location: athens greece
Distribution: fedora core 6
Posts: 5

Rep: Reputation: 0
reject all ip & ports and allow only some ports with iptables


Hello There.
I need to close all incoming ports from any ip and allow input packets in some port numbers ;
How i can make it this if make a chain with reject all i can put chain with accept for the ports i need ?

Thanks
 
Old 05-12-2007, 09:50 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by ysar68
I need to close all incoming ports from any ip and allow input packets in some port numbers ;
How i can make it this if make a chain with reject all i can put chain with accept for the ports i need ?
yeah, first set your policy to DROP, then make some ACCEPT rules for the stuff you need... packets that don't get sent to ACCEPT by any of your rules will get sent to DROP when they reach the end of the chain... for example:
Code:
# Set the INPUT policy to DROP:
iptables -P INPUT DROP

# Allow packets from connections related to established ones, packets
# from established ones, and packets from localhost:
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT

# Allow new connections to TCP ports 80 and 443:
iptables -A INPUT -p TCP -m multiport --dports 80,443 \
-m state --state NEW -j ACCEPT

Last edited by win32sux; 05-12-2007 at 09:51 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
are outbound ports converged while local ports are ok ? inanc Linux - Networking 0 02-06-2007 11:37 AM
iptables and ports hermouche Linux - Security 22 11-06-2006 10:59 AM
iptables ports Roosta21 Linux - Software 2 03-16-2006 05:00 AM
iptables and open ports benjithegreat98 Linux - Networking 5 12-23-2003 09:12 AM
RH9-Shrike&iptables-->unbelieviable effect...ports are opened... pablovschby Linux - Security 4 10-03-2003 09:26 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:05 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration