On Monday 12 April 2004 3:58 am, Sutono wrote:

> Hi All,
>
> Do some of you have a firewall script that uses iptables in Linux RedHat 9?
> If you have, could you share it with me please ....
>
> Thank you

Here's a script I find pretty secure. I don't think there's anything specific to RedHat 9 about it, so it should work on other distros too:

iptables -F
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT

It lets me use ssh from my box to other machines (I can tunnel any other protocols through ssh), and it stops anything else getting into my machine.

Share and enjoy.

Regards,

Antony.

--
The first fifty percent of an engineering project takes ninety percent of the time, and the remaining fifty percent takes another ninety percent of the time.

Please reply to the list; please don't CC me.
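Added example, not part of Antony's message: a shell check that reads `iptables -S` output and confirms the loaded rules still match the script's default-deny intent (all three policies DROP, INPUT accepting only ESTABLISHED/RELATED traffic), then lists the outbound protocol/port pairs allowed. The function names and the sample dump are constructed for illustration; on a live machine the input would come from `iptables -S` run as root.

```shell
#!/bin/sh
# Constructed sample: the `iptables -S` listing expected after loading the script above.
sample_rules() {
cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
EOF
}

# audit_ruleset (hypothetical helper): reads an `iptables -S` dump on stdin.
# Exit status 0 only if INPUT, FORWARD and OUTPUT all default to DROP and no
# INPUT rule accepts traffic beyond ESTABLISHED/RELATED connections.
audit_ruleset() {
  awk '
    BEGIN { bad = 0 }
    $1 == "-P" { policy[$2] = $3; next }
    $1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
      if ($0 !~ /--(ct)?state / || $0 ~ /--(ct)?state [A-Z,]*NEW/) {
        print "INPUT accepts new connections: " $0; bad = 1
      }
    }
    END {
      n = split("INPUT FORWARD OUTPUT", chains, " ")
      for (i = 1; i <= n; i++) {
        p = policy[chains[i]]; if (p == "") p = "unset"
        if (p != "DROP") { print chains[i] " policy is " p; bad = 1 }
      }
      exit bad
    }'
}

# egress_allowed (hypothetical helper): prints proto/port for each OUTPUT ACCEPT rule.
egress_allowed() {
  awk '$1 == "-A" && $2 == "OUTPUT" && $NF == "ACCEPT" {
    proto = "any"; port = "any"
    for (i = 3; i < NF; i++) {
      if ($i == "-p") proto = $(i + 1)
      if ($i == "--dport") port = $(i + 1)
    }
    print proto "/" port
  }'
}

sample_rules | audit_ruleset && sample_rules | egress_allowed
```

The check only covers the IPv4 filter table that `iptables -S` prints by default; other tables and ip6tables rules need their own listing.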