LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-14-2004, 07:07 AM   #16
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422

I think you can simplify it a bit more:

iptables -F

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -i lo -j ACCEPT #You really need this
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A OUTPUT -m state --state NEW,ESTBLISHED,RELATED -j ACCEPT


Now there is a LOT that this firewall doesn't do. If your interested, check out


this thread where markus1982 shows his firewall and gets into some detail about it. Very good reading.
 
Old 06-30-2006, 10:58 AM   #17
sKaar
Member
 
Registered: Jun 2006
Location: dartmouth, nova scotia
Distribution: slackware 12.1
Posts: 74

Rep: Reputation: 2
i suppose somebody will eventually find this and get a shock, like i did(no firewall?!!!). so i checked the standalone firewall in /etc/ppp. rp-pppoe3.6 in slackware 10.2 uses iptables, i have no idea what the rules mean, but i'll post what weres(yes, weres) found.
the standalone firewall definitions:
# Interface to Internet
EXTIF=ppp+

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

iptables -F FORWARD
iptables -F INPUT
iptables -F OUTPUT


# Deny TCP and UDP packets to privileged ports
iptables -A INPUT -p udp -i $EXTIF --dport 0:1023 -j LOG
iptables -A INPUT -p udp -i $EXTIF --dport 0:1023 -j LOG
iptables -A INPUT -p udp -i $EXTIF --dport 0:1023 -j DROP
iptables -A INPUT -p udp -i $EXTIF --dport 0:1023 -j DROP


# Deny TCP connection attempts
iptables -A INPUT -i $EXTIF -p tcp --syn -j LOG
iptables -A INPUT -i $EXTIF -p tcp --syn -j DROP


# Deny ICMP echo-requests
iptables -A INPUT -i $EXTIF -p icmp --icmp-type echo-request -j DROP
the result of iptables -L:
Chain INPUT (policy ACCEPT)
target prot opt source destination
LOG udp -- anywhere anywhere udp dpts:0:1023 LOG level warning
LOG udp -- anywhere anywhere udp dpts:0:1023 LOG level warning
DROP udp -- anywhere anywhere udp dpts:0:1023
DROP udp -- anywhere anywhere udp dpts:0:1023
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
DROP icmp -- anywhere anywhere icmp echo-request


Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
i figure that since it shows accept for log and drop that it's not as unsafe as it could be.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Total Newbie needs help ariam Linux - Newbie 3 02-23-2005 05:24 AM
Total Newbie Screener Linux - Newbie 10 06-02-2004 08:46 AM
Total Newbie Needs Help! orillion Linux - Newbie 5 09-05-2003 04:10 AM
total newbie help libster Linux - Distributions 2 02-08-2003 02:25 PM
Total newbie! shakazed Linux - Newbie 13 07-27-2001 07:41 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration