Edwin Kapauni wrote:
From the recent thread
<http://www.spinics.net/lists/netfilter/msg33021.html> I have adopted
this ruleset for a standalone computer.
Now, I need some help teaching me how to open ports for SSH and VoIP.
That shouldn't be too difficult, right?
######################### start ###########################
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
iptables -t nat -X
iptables -t nat -Z
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -Z
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 11 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 12 -j ACCEPT
iptables -A INPUT -p tcp --syn --dport 113 -j REJECT --reject-with tcp-reset
############################# end #################################
Thanks for any help.
If you are running your ssh server on port 22, you should add the
following line to the script:
iptables -A INPUT -p tcp --syn --dport 22 -j ACCEPT
But I highly recommend binding the ssh server to a higher port.
regards,
Georgi Alexandrov
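
The following is an added example, not part of either message: a small Python model of first-match evaluation on the INPUT chain, showing why appending the port 22 rule after the existing rules is enough under the DROP policy. The function names and the interface name `eth0` are assumptions, and the model only covers a new inbound TCP SYN to a single destination port.

```python
import shlex

# Ruleset from the thread (filter-table lines only) plus the suggested SSH rule last.
RULESET = """\
iptables -P INPUT DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 11 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 12 -j ACCEPT
iptables -A INPUT -p tcp --syn --dport 113 -j REJECT --reject-with tcp-reset
iptables -A INPUT -p tcp --syn --dport 22 -j ACCEPT
"""

def parse(script):
    """Return (policy, rules) for the INPUT chain; other lines are ignored."""
    policy, rules = "ACCEPT", []
    for line in script.splitlines():
        tok = shlex.split(line, comments=True)
        if len(tok) < 4 or tok[0] != "iptables" or tok[2] != "INPUT":
            continue
        if tok[1] == "-P":
            policy = tok[3]
        elif tok[1] == "-A":
            opts = tok[3:]
            get = lambda flag: opts[opts.index(flag) + 1] if flag in opts else None
            rules.append({"proto": get("-p"), "dport": get("--dport"),
                          "iface": get("-i"), "state": get("--state"),
                          "target": get("-j")})
    return policy, rules

def verdict_new_tcp(script, dport, iface="eth0"):  # eth0 is an assumed name
    """Verdict for a NEW inbound TCP SYN to dport: first matching rule wins."""
    policy, rules = parse(script)
    for r in rules:
        if r["proto"] not in (None, "tcp"):
            continue  # icmp rules never match a TCP packet
        if r["iface"] not in (None, iface):
            continue  # the loopback rule only matches -i lo
        if r["state"] and "NEW" not in r["state"].split(","):
            continue  # ESTABLISHED,RELATED does not cover a first SYN
        if r["dport"] not in (None, str(dport)):
            continue  # single ports only; ranges are not modelled
        return r["target"]
    return policy  # nothing matched, so the chain policy applies

if __name__ == "__main__":
    for port in (22, 113, 80):
        print(port, verdict_new_tcp(RULESET, port))
```
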