### SCRIPT ###
#!/bin/sh
# Start from an empty INPUT chain so re-running the script does not append duplicate rules
/sbin/iptables -F INPUT
# Drop all incoming traffic
/sbin/iptables -P INPUT DROP
# Drop all forwarded traffic
/sbin/iptables -P FORWARD DROP
# Allow all outgoing traffic
/sbin/iptables -P OUTPUT ACCEPT
# Allow returning packets
/sbin/iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Allow incoming traffic on port 80 for web server
/sbin/iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
# Allow incoming traffic on port 25 for mail server
/sbin/iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
# Allow incoming SSH on port XX
#/sbin/iptables -A INPUT -p tcp -m tcp --dport XX -j ACCEPT
# Allow ping
/sbin/iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
# Persist the ruleset and keep it readable only by root
/sbin/iptables-save > /etc/sysconfig/iptables
chmod go-r /etc/sysconfig/iptables
# sudo lives in /usr/bin, not /sbin; the script must already run as root for the iptables calls above
sudo service iptables restart
### /SCRIPT ###
One example rule that I have seen is allowing all local traffic. Does that mean the local network the server is within or traffic inside the box?
Note that I have X'd out the SSH port to disguise the custom port I access my server on.
Thanks.
/* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
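The question above asks what "allow all local traffic" means. In iptables rulesets it is usually one of two different rules: traffic inside the box (packets on the loopback interface) or traffic from the local network (packets whose source is the LAN subnet). The script below is an added example, not the poster's script, that shows both forms side by side as shell functions; the interface name eth0 and the subnet 192.168.1.0/24 are assumed placeholders, and DRY_RUN=1 prints the iptables commands instead of executing them (applying them needs root).

```shell
#!/bin/sh
# Added example (not the original poster's script).
# "Local traffic" in an INPUT chain is normally one of two rules:
#   1. inside the box:      packets arriving on the loopback interface (lo)
#   2. the local network:   packets from the LAN subnet on the LAN interface
# Set DRY_RUN=1 to print the commands instead of running them.
# eth0 and 192.168.1.0/24 are assumed placeholders; override with LAN_IF / LAN_NET.

IPT=/sbin/iptables
LAN_IF=${LAN_IF:-eth0}
LAN_NET=${LAN_NET:-192.168.1.0/24}

# Wrapper: echo the command in dry-run mode, otherwise execute it.
fw() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$IPT $*"
    else
        "$IPT" "$@"
    fi
}

# Inside the box: daemons talk to themselves over 127.0.0.1, so loopback
# belongs before the ESTABLISHED rule, before the INPUT DROP policy bites.
allow_loopback() {
    fw -A INPUT -i lo -j ACCEPT
    # A 127.0.0.0/8 source that did not arrive on lo is spoofed; drop it.
    fw -A INPUT ! -i lo -s 127.0.0.0/8 -j DROP
}

# The local network: only hosts in LAN_NET, arriving on LAN_IF, are accepted.
# Matching both interface and source keeps an Internet-facing interface from
# accepting packets that merely claim a LAN source address.
allow_lan() {
    fw -A INPUT -i "$LAN_IF" -s "$LAN_NET" -j ACCEPT
}

# Both together, in the order they belong in the INPUT chain.
local_rules() {
    allow_loopback
    allow_lan
}

# Preview the rules this would add (dry run in a subshell, nothing is applied).
(DRY_RUN=1; local_rules)
```

Source the file and call `local_rules` without DRY_RUN (as root) to apply the rules; in the poster's script the loopback rule would go right after the policies and before the RELATED,ESTABLISHED rule.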
